coding-conventions-agent
Pass
Audited by Gen Agent Trust Hub on May 24, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests untrusted code files for review.
- Ingestion points: Files matching *.py, *.ts, *.js, and *.cs (referenced in rules/coding-conventions.md).
- Boundary markers: Absent. The instructions do not define delimiters or explicitly warn the agent to ignore instructions embedded in code comments or strings.
- Capability inventory: The agent has Read and Write tool access (referenced in SKILL.md), allowing it to modify files in the repository based on potentially malicious code it reviews.
- Sanitization: Absent. There is no evidence of filtering or sanitization of the code content before it enters the agent's context.
Audit Metadata