code-review

Pass

Audited by Gen Agent Trust Hub on Jun 19, 2026

Risk Level: SAFE
Full Analysis
  • [PROMPT_INJECTION]: The skill implements a robust defense-in-depth approach against prompt injection. In the 'Untrusted Content' section, it explicitly instructs the agent to treat all content within a pull request—including diffs, comments, and descriptions—as evidence to be evaluated rather than instructions to be followed, which directly mitigates attempts to steer the agent's behavior through the data it reviews.
  • [EXTERNAL_DOWNLOADS]: External references in the grounding metadata target trusted organizations (such as Google, GitHub, OpenAI, and Anthropic) and well-known industry services. These references are used for documentation and best-practice alignment.
  • [SAFE]: Although the skill has access to the Bash tool, its instructions are limited to analytical and search-based tasks, such as using Grep to identify call sites and trace the blast radius of code changes, rather than the execution of untrusted code.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 19, 2026, 04:35 AM
Security Audit — agent-trust-hub — code-review