review-mr

Pass

Audited by Gen Agent Trust Hub on Jun 26, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: No malicious patterns, obfuscation, or unauthorized access attempts were detected. The skill uses standard tools for its intended purpose of code review and demonstrates a commitment to security by including examples of identifying and removing hardcoded secrets.
  • [PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection because it processes untrusted data from GitLab, such as merge request descriptions, commit messages, and code diffs. This is an inherent and expected risk for a code review tool.
  • Ingestion points: Untrusted content enters the context via get_merge_request, get_merge_request_commits, and get_merge_request_diffs tools.
  • Boundary markers: None are explicitly defined in the instructions to differentiate untrusted data from agent instructions.
  • Capability inventory: The skill relies on read-only GitLab metadata tools; it does not request capabilities for command execution, file-system modifications, or network exfiltration.
  • Sanitization: No specific sanitization or filtering logic is provided for the ingested content.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 26, 2026, 01:25 AM
Security Audit — agent-trust-hub — review-mr