skills/owainlewis/blueprint/review/Gen Agent Trust Hub

review

Pass

Audited by Gen Agent Trust Hub on May 20, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: No malicious patterns or high-risk behaviors were detected. The skill follows best practices by restricting its scope to analysis and reporting.\n- [PROMPT_INJECTION]: The skill has a surface for indirect prompt injection as it ingests untrusted data from source code, git diffs, and pull request metadata.\n
  • Ingestion points: SKILL.md defines workflows to read $ARGUMENTS, file contents, git diff, and pull request descriptions/comments.\n
  • Boundary markers: Absent; the skill does not use specific delimiters to separate the content being reviewed from the instructions.\n
  • Capability inventory: The skill is limited to analytical tasks and lacks tools for code execution, file system modification, or network exfiltration.\n
  • Sanitization: No sanitization or filtering of the input data is performed before processing.
Audit Metadata
Risk Level
SAFE
Analyzed
May 20, 2026, 07:48 PM
Security Audit — agent-trust-hub — review