receiving-code-review
Pass
Audited by Gen Agent Trust Hub on Jun 13, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes git and gh (GitHub CLI) for read-only operations to verify feedback against the codebase, and the gh api command to post technical responses to pull request comments. These operations are within the scope of code review management.
- [PROMPT_INJECTION]: The instructions contain robust defenses against indirect prompt injection by explicitly telling the agent to treat external feedback as suggestions to be evaluated with technical rigor rather than as instructions to be followed blindly. It mandates verifying all claims against the actual state of the codebase before implementation.
- [DATA_EXPOSURE]: No hardcoded credentials, sensitive file access, or unauthorized network exfiltration patterns were detected. The skill's primary activity is restricted to the current code repository environment.
Audit Metadata