requesting-code-review
Pass
Audited by Gen Agent Trust Hub on Apr 2, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill facilitates the processing of untrusted external data, which creates a surface for indirect prompt injection.
- Ingestion points: The instructions in SKILL.md and REFERENCE.md specify reading and analyzing external source code, PRDs, and issue descriptions.
- Boundary markers: The prompts provided in REFERENCE.md do not utilize delimiters (like triple quotes) or specific instructions to the agent to ignore any embedded commands within the documents being reviewed.
- Capability inventory: The reference workflow in REFERENCE.md utilizes the
gh pr createcommand to interact with remote repositories. - Sanitization: No validation or sanitization of the content from the external code or requirements is mentioned.
- [COMMAND_EXECUTION]: The skill incorporates common command-line tool usage into its workflow.
- Evidence: REFERENCE.md includes a step to run
gh pr create. This is a standard operation involving the official GitHub CLI, which is a well-known developer service.
Audit Metadata