review-chain

Pass

Audited by Gen Agent Trust Hub on May 4, 2026

Risk Level: SAFE PROMPT_INJECTION COMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection. It ingests untrusted data in the form of code artifacts and requirements, which are then placed into the prompt of a "Reviewer" agent.
      • Ingestion points: The {the full artifact} and {what the code was supposed to do} placeholders in SKILL.md.
      • Boundary markers: Absent. The prompt lacks explicit delimiters or instructions to ignore instructions embedded within the reviewed content.
      • Capability inventory: The skill has access to Bash, Read, Grep, and Glob tools across its execution steps.
      • Sanitization: The instructions do not specify any escaping or validation of the ingested artifact before interpolation.
  • [COMMAND_EXECUTION]: The skill utilizes the Bash tool to implement resolutions and gather context. While necessary for its implementation role, this capability provides an execution vector if the agent is successfully manipulated by malicious content within an artifact it is reviewing.
Audit Metadata
Risk Level: SAFE
Analyzed: May 4, 2026, 03:46 PM