review
Pass
Audited by Gen Agent Trust Hub on Jun 5, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: Indirect prompt injection surface detected in the code review logic. The skill is designed to ingest and analyze untrusted code changes which could contain instructions intended to manipulate the agent's output or influence the behavior of the parallel subagents it spawns.
- Ingestion points: Untrusted code changes provided for analysis (SKILL.md).
- Boundary markers: Absent. There are no instructions to use delimiters or ignore embedded instructions within the input code.
- Capability inventory: Orchestrates the creation of up to 10 parallel subagents to verify review findings (SKILL.md).
- Sanitization: Absent. The input content is not filtered or escaped before processing.
Audit Metadata