review-codebase
Pass
Audited by Gen Agent Trust Hub on Apr 26, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill is designed for static code analysis, refactoring planning, and documentation auditing. It operates solely within the local project environment, reading source files and producing markdown reports and task files. No suspicious network activity, remote downloads, or unauthorized system modifications were detected.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests untrusted content (source code and comments) from the local project directory without explicit sanitization or boundary markers.
- Ingestion points: Source code files in the 'src/', 'lib/', and 'components/' directories as specified in SKILL.md.
- Boundary markers: No delimiters or instructions to ignore embedded prompts are present.
- Capability inventory: Reading source files and writing markdown files to 'docs/reviews/' and 'docs/tasks/'.
- Sanitization: No sanitization of ingested content is performed. This could allow malicious instructions within codebase comments to manipulate the analysis results or the generated reports.
Audit Metadata