review-automation-orchestrator
Pass
Audited by Gen Agent Trust Hub on Apr 21, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: Indirect prompt injection vulnerability surface.
  - Ingestion points: The skill routes the analysis of external repository data including API contracts, documentation, and source code via specialized sub-skills (SKILL.md).
  - Boundary markers: Absent in SKILL.md; no delimiters or instructions are provided to isolate untrusted repository data from system instructions.
  - Capability inventory: The skill possesses the capability to trigger automated issue creation and corrective pull requests based on its findings (SKILL.md).
  - Sanitization: Absent in SKILL.md; no validation or escaping procedures are defined to filter out potential prompt injection patterns from ingested content.

Note: Referenced files references/repo-skill-review.md and references/cloudbase-skill-review.md were not provided for analysis.
Audit Metadata