ln-316-review-refinement-worker
Pass
Audited by Gen Agent Trust Hub on May 12, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill invokes external AI advisor CLIs (e.g., Codex and Claude Code) through a dedicated runner script (
agent_runner.mjs). These executions are restricted to tools defined in a local registry and are used for their intended analytical purpose within the refinement workflow. - [DATA_EXFILTRATION]: The skill stores review artifacts, including prompts, logs, and results, within the local
.hex-skills/agent-review/directory. No unauthorized network activity or access to sensitive user credentials was detected. - [INDIRECT_PROMPT_INJECTION]: The skill ingests untrusted artifact content for analysis, creating a surface for indirect prompt injection. This risk is mitigated by the design of the refinement workflow, which requires the host agent to independently verify all advisor suggestions before they are applied.
Audit Metadata