scout-best-practices-reviewer
Pass
Audited by Gen Agent Trust Hub on May 18, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [PROMPT_INJECTION]: The skill processes untrusted code files (PR changes) which could contain indirect prompt injection attacks designed to manipulate the review output.
- Ingestion points: Processes
*.spec.tsfiles, imported helpers, neighboring Scout code, and migration artifacts as described inSKILL.md. - Boundary markers: The instructions do not provide explicit delimiters or instructions to ignore embedded commands within the files being reviewed.
- Capability inventory: Based on the provided files, the skill's capabilities are limited to generating review text; no dangerous file system or network tools are invoked.
- Sanitization: There is no mention of sanitizing or escaping the content read from the files before it is processed by the agent.
- [NO_CODE]: The skill consists entirely of markdown instructions and configuration without any embedded scripts or executable files.
Audit Metadata