review-ticket

Pass

Audited by Gen Agent Trust Hub on May 19, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: No malicious patterns, obfuscation, or unauthorized data exfiltration attempts were detected in the skill instructions.
  • [INDIRECT_PROMPT_INJECTION]: The skill processes untrusted external data, specifically pull request diffs and ticket descriptions. While this presents a surface for indirect prompt injection, it is the primary intended purpose of the skill. The workflow includes structured steps for evidence collection and human-in-the-loop approval before publishing comments, which provides a layer of protection.
Audit Metadata
Risk Level
SAFE
Analyzed
May 19, 2026, 10:16 PM
Security Audit — agent-trust-hub — review-ticket