scout-best-practices-reviewer

Pass

Audited by Gen Agent Trust Hub on May 18, 2026

Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
  • [PROMPT_INJECTION]: The skill processes untrusted code files (PR changes) which could contain indirect prompt injection attacks designed to manipulate the review output.
  • Ingestion points: Processes *.spec.ts files, imported helpers, neighboring Scout code, and migration artifacts as described in SKILL.md.
  • Boundary markers: The instructions do not provide explicit delimiters or instructions to ignore embedded commands within the files being reviewed.
  • Capability inventory: Based on the provided files, the skill's capabilities are limited to generating review text; no dangerous file system or network tools are invoked.
  • Sanitization: There is no mention of sanitizing or escaping the content read from the files before it is processed by the agent.
  • [NO_CODE]: The skill consists entirely of markdown instructions and configuration without any embedded scripts or executable files.
Audit Metadata
Risk Level
SAFE
Analyzed
May 18, 2026, 12:47 PM
Security Audit — agent-trust-hub — scout-best-practices-reviewer