Skills
skills/noobygains/godmode/review-response/Gen Agent Trust Hub

review-response

Pass

Audited by Gen Agent Trust Hub on Apr 5, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill processes untrusted data from external sources which creates a surface for indirect prompt injection.
  • Ingestion points: Review feedback is received from 'any channel', including 'external contributors' and 'automated tools' as described in SKILL.md.
  • Boundary markers: The instructions do not specify the use of delimiters or warnings to ignore instructions embedded within the feedback strings, though they do mandate a restatement phase.
  • Capability inventory: The skill allows the agent to modify the codebase ('ACT: Address one item at a time') and use the gh api tool to post replies to GitHub comments.
  • Sanitization: There are no instructions for sanitizing or escaping the content of the feedback before it is evaluated by the agent.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 5, 2026, 07:45 PM