ffi-code-review
Pass
Audited by Gen Agent Trust Hub on May 18, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill consists of instructional content and reference documentation for reviewing code. No malicious patterns, such as prompt injection, data exfiltration, or unauthorized command execution, were detected.
- [PROMPT_INJECTION]: The skill analyzes untrusted external data (Rust source code), which represents a surface for indirect prompt injection. This risk is inherent to the code review task and is documented here as an attack surface factor.
- Ingestion points: The agent is instructed to read project configuration and source files (Cargo.toml, build.rs, and Rust source files) as defined in the review workflow.
- Boundary markers: The instructions do not specify the use of explicit delimiters or boundary markers for the code content being reviewed.
- Capability inventory: The agent's capabilities include reading local project files to perform analysis.
- Sanitization: The skill does not define specific sanitization or validation logic for the code content before processing it.
Audit Metadata