code-reviewer-agent
Pass
Audited by Gen Agent Trust Hub on Mar 15, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is a template-driven framework consisting of instructions and checklists for code analysis. It does not execute external scripts or perform network operations.
- [SAFE]: Security checklists provided in the skill follow industry-standard practices (e.g., OWASP principles for injection prevention).
- [SAFE]: No obfuscated strings, hidden URLs, or hardcoded credentials were found within the skill file.
- [PROMPT_INJECTION]: The skill is designed to analyze external code snippets, which presents a surface for indirect prompt injection. However, given the primary purpose is code review and no high-risk capabilities (like automated execution of reviewed code) are present, this is assessed as a standard operational risk rather than a malicious finding.
Audit Metadata