react-senior-code-review
Pass
Audited by Gen Agent Trust Hub on Jun 13, 2026
Risk Level: SAFE | COMMAND_EXECUTION | PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill has a surface for indirect prompt injection because it reads and processes user-provided source code files to perform architectural reviews.
- Ingestion points: Reads the full content of the target feature directory provided via the `<feature-path>` argument.
- Boundary markers: The instructions specify focusing on five architectural dimensions, which provides some behavioral scoping but does not isolate untrusted content from the primary prompt logic.
- Capability inventory: The skill is capable of editing project files and executing shell commands (`npm run lint/build/test`).
- Sanitization: There is no evidence of sanitization or escaping of the ingested code content before it is processed by the model.
- [COMMAND_EXECUTION]: The skill executes project-defined shell commands (`npm run lint`, `npm run build`, `npm run test`) to verify fixes applied during the review process. This allows for the execution of scripts defined in the local `package.json` file.
Audit Metadata