code-quality
Pass
Audited by Gen Agent Trust Hub on Apr 17, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill consists primarily of educational content and best practices for software development. No malicious patterns, obfuscation, or unauthorized exfiltration attempts were detected.
- [COMMAND_EXECUTION]: The skill includes a Python script (scripts/review-checklist.py) intended for static analysis. It reads local source files using the standard library to identify common code smells and formatting issues without executing the analyzed code or performing network operations.
- [PROMPT_INJECTION]: The skill is designed to ingest and analyze untrusted source code, creating an attack surface for indirect prompt injection.
  - Ingestion points: Source code files provided for review or refactoring (e.g., JS/TS files analyzed by the checklist script).
  - Boundary markers: Absent; the instructions do not explicitly suggest using delimiters to isolate untrusted code from agent instructions.
  - Capability inventory: File system access (reading and writing code files), static analysis via the provided Python script, and suggested iterative loops for code refinement.
  - Sanitization: Absent; there are no instructions for sanitizing or escaping code content before it is processed by the agent.
Audit Metadata