Skills
skills/thearchitectit/awesome-opencode-skills/staff-engineer-review/Gen Agent Trust Hub

staff-engineer-review

Pass

Audited by Gen Agent Trust Hub on May 4, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [SAFE]: No malicious patterns, hidden commands, or security risks were identified. The skill is composed entirely of instructional text.
  • [PROMPT_INJECTION]: The skill processes untrusted input such as pull request descriptions and code diffs, which represents a surface for indirect prompt injection.
  • Ingestion points: Pull request descriptions and code changes are ingested as input for evaluation (SKILL.md).
  • Boundary markers: None are defined to differentiate between instructions and untrusted data.
  • Capability inventory: None; the skill provides textual feedback only and has no access to shell commands, network operations, or file system modifications.
  • Sanitization: No sanitization or validation of the input data is described.
Audit Metadata
Risk Level
SAFE
Analyzed
May 4, 2026, 05:48 AM