review-issues

Pass

Audited by Gen Agent Trust Hub on May 16, 2026

Risk Level: SAFE
Finding: PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill exhibits an Indirect Prompt Injection surface by reading external project files and feeding them directly into instructions for specialized subagents.
  • Ingestion points: The skill reads files from the plans/ directory, specifically README.md, issues/index.json, and all issues/*.md files.
  • Boundary markers: No clear delimiters (like XML tags or unique markers) or "ignore embedded instructions" warnings are used when interpolating file contents into the subagent prompts (e.g., <implementor-review-prompt> and <coverage-review-prompt>).
  • Capability inventory: The agent can spawn subagents to perform analysis and possesses file-write capabilities to update issue files and JSON indices based on subagent feedback.
  • Sanitization: There is no evidence of sanitization or validation of the ingested content before it is processed by the subagents.
Audit Metadata
Risk Level: SAFE
Analyzed: May 16, 2026, 12:06 AM