review-pr
Pass
Audited by Gen Agent Trust Hub on May 10, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [SAFE]: The skill is a legitimate tool for code quality assurance. It does not perform network operations, exfiltrate data, or request elevated privileges.
- [NO_CODE]: The skill contains no executable code (scripts or binaries); it consists entirely of markdown instructions and YAML configuration.
- [PROMPT_INJECTION]: The skill processes untrusted external data (local code diffs and documentation files like
AGENTS.md), which creates a surface for indirect prompt injection. However, the risk is negligible as the skill lacks access to high-risk tools. - Ingestion points:
SKILL.mddirects the agent to read staged/unstaged changes and repository-specific instruction files. - Boundary markers: The instructions do not require the agent to use secure delimiters or isolation markers when processing the code diffs.
- Capability inventory: The skill is designed only to produce textual reports in the chat interface and does not include tools for network communication or file-system modification outside of the review scope.
- Sanitization: No sanitization or filtering of the ingested diff content is prescribed.
Audit Metadata