code-review
Pass
Audited by Gen Agent Trust Hub on Jun 24, 2026
Risk Level: SAFE
Full Analysis
- Code Review Workflow: The skill uses standard version control commands such as `git status` and `git diff` to identify and analyze local file changes, which is appropriate for its intended purpose.
- Controlled Output: The skill's primary action is using the `addComment` tool to provide feedback. It explicitly instructs the agent not to modify files, perform commits, or execute other write operations, maintaining a safe operating scope.
- Processing Untrusted Content: As the skill reads and reviews external code, it inherently processes content that could contain indirect prompt injections (e.g., instructions hidden in code comments). However, the instructions provide a clear framework for review criteria which helps maintain the agent's focus on technical analysis.
Audit Metadata