refine-review
Pass
Audited by Gen Agent Trust Hub on Apr 10, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns or security vulnerabilities were detected. The skill's behavior is consistent with its stated purpose of artifact review and quality assurance.
- [DATA_EXFILTRATION]: The skill accesses local project files such as PBIs and documentation within the
team-artifacts/pbis/and.claude/skills/shared/directories. There are no network operations (e.g., curl, wget, fetch) or patterns suggesting the exfiltration of this data to external services. - [COMMAND_EXECUTION]: No shell commands or subprocess calls were identified. The skill relies on standard platform tools like
TaskCreateandAskUserQuestionfor its operations and task management. - [PROMPT_INJECTION]: The skill uses authoritative language (e.g., 'MANDATORY IMPORTANT MUST') to define its operational logic and ensure adherence to review protocols. This is a standard instructional technique for defining agent behavior and does not represent an attempt to bypass agent safety controls or override system instructions.
Audit Metadata