review-post-task
Pass
Audited by Gen Agent Trust Hub on Apr 10, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill provides a structured framework for code quality assurance, enforcing best practices such as DRY, KISS, and YAGNI. It includes specific protocols for database performance (mandatory pagination and indexing) and documentation updates, operating entirely within the local development environment.
- [PROMPT_INJECTION]: The skill is designed to ingest and analyze external data such as source code and project documentation, which constitutes a surface for indirect prompt injection. This is a characteristic of the tool's intended function as a code reviewer rather than a malicious pattern.
- Ingestion points: Processes codebase content through search tools and git differentials, and reads project-specific reference documentation.
- Boundary markers: The instructions do not define explicit delimiters to separate the content being reviewed from the agent's core instructions.
- Capability inventory: The agent has access to file reading, searching, task management, and code modification tools.
- Sanitization: No explicit sanitization or filtering of the code content is specified in the protocol.
Audit Metadata