code-review
Pass
Audited by Gen Agent Trust Hub on May 29, 2026
Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONNO_CODE
Full Analysis
- [PROMPT_INJECTION]: The skill instructs the agent to analyze external, untrusted code changes, which creates a surface for indirect prompt injection attacks where malicious instructions could be embedded in the reviewed code.
- Ingestion points: PR descriptions and code diffs (SKILL.md).
- Boundary markers: Absent; no delimiters or instructions are provided to the agent to treat external content as data only.
- Capability inventory: None; the skill contains no executable scripts (SKILL.md).
- Sanitization: Absent; the checklist does not include validation or sanitization of the input code prior to analysis.
- [EXTERNAL_DOWNLOADS]: The documentation includes an installation command
npx clawhub@latestwhich references an external package registry and a tool that is not part of the trusted vendor or service lists. - [COMMAND_EXECUTION]: The skill documentation suggests the use of the
npxcommand for installation, which involves executing code from an external source on the host system. - [NO_CODE]: The skill consists entirely of instructional Markdown content and does not include any executable scripts, binary files, or configuration-level code, which limits direct execution risks.
Audit Metadata