review
Pass
Audited by Gen Agent Trust Hub on May 20, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns or high-risk behaviors were detected. The skill follows best practices by restricting its scope to analysis and reporting.\n- [PROMPT_INJECTION]: The skill has a surface for indirect prompt injection as it ingests untrusted data from source code, git diffs, and pull request metadata.\n
- Ingestion points:
SKILL.mddefines workflows to read$ARGUMENTS, file contents,git diff, and pull request descriptions/comments.\n - Boundary markers: Absent; the skill does not use specific delimiters to separate the content being reviewed from the instructions.\n
- Capability inventory: The skill is limited to analytical tasks and lacks tools for code execution, file system modification, or network exfiltration.\n
- Sanitization: No sanitization or filtering of the input data is performed before processing.
Audit Metadata