skills/home-assistant/core/ha-review/Gen Agent Trust Hub

ha-review

Pass

Audited by Gen Agent Trust Hub on Jul 4, 2026

Risk Level: SAFENO_CODE
Full Analysis
  • [SAFE]: The skill is purely instructional and does not include any malicious code, dangerous command execution, or unauthorized network operations.
  • [NO_CODE]: The skill contains no executable scripts, binaries, or third-party library dependencies, consisting only of markdown documentation.
  • [PROMPT_INJECTION]: The skill processes untrusted code changes for review, which creates a theoretical surface for indirect prompt injection. However, this is the primary intended use case of the skill and is managed by the agent's underlying safety constraints.
  • Ingestion points: Code changes provided as input for review.
  • Boundary markers: No specific delimiters or boundary markers are defined in the skill instructions.
  • Capability inventory: The skill instructs the agent to spawn up to 10 parallel subagents for verification purposes.
  • Sanitization: No explicit input sanitization or validation is implemented within the skill instructions.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 4, 2026, 06:24 PM
Security Audit — agent-trust-hub — ha-review