code-reviewer
Pass
Audited by Gen Agent Trust Hub on Mar 22, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No security issues or malicious patterns were detected in the skill file. The instructions are limited to providing textual analysis of code provided by users.
- [INDIRECT_PROMPT_INJECTION]: The skill is designed to ingest and process untrusted data (code snippets, pull requests, and diffs), which presents a potential surface for indirect prompt injection. However, because the skill has no dangerous capabilities such as file system writing or command execution, the threat is effectively mitigated.
  - Ingestion points: Processes code snippets and diffs provided in the agent's context (SKILL.md).
  - Boundary markers: None are explicitly defined in the prompt instructions to separate untrusted code from system instructions.
  - Capability inventory: No subprocess calls, network operations, or file-write capabilities are present.
  - Sanitization: No sanitization of the input code is performed.