Skills
skills/udecode/dotai/agent-native-reviewer/Gen Agent Trust Hub

agent-native-reviewer

Pass

Audited by Gen Agent Trust Hub on Jun 18, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [SAFE]: The skill instructions do not contain any malicious patterns, direct prompt injections, or obfuscated code.
  • [PROMPT_INJECTION]: The skill's primary function involves analyzing untrusted external content (skills, prompts, tools, and code), which is a surface for indirect prompt injection.
  • Ingestion points: The skill reviews files in .agents/, .claude/, .codex/**, and various other repository surfaces as specified in SKILL.md.
  • Boundary markers: There are no instructions for the agent to use delimiters or ignore embedded instructions when reading these external files.
  • Capability inventory: The skill utilizes highly capable tools such as Browser, Chrome, and Computer Use, alongside vendor integrations like autogoal and sync-skills.
  • Sanitization: The instructions do not define any sanitization or validation methods for the content being reviewed.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 18, 2026, 01:35 PM
Security Audit — agent-trust-hub — agent-native-reviewer