secure-code-review
Pass
Audited by Gen Agent Trust Hub on May 4, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is designed as a template and instruction set for an AI agent to perform static analysis of source code. It restricts the agent to read-only tools (
Read,Grep,Glob), preventing unauthorized system modifications or network access. - [PROMPT_INJECTION]: The skill includes a 'Prompt Injection Safety Notice' that explicitly instructs the agent to ignore any directives found within the code under review and to treat all code content as data rather than instructions. This is a best-practice defense against indirect prompt injection.
- [CREDENTIALS_UNSAFE]: While the skill contains examples of hardcoded credentials and secrets (e.g.,
DB_PASSWORD = "s3cretPassw0rd!"), these are clearly presented in the context of 'vulnerable patterns' for educational purposes to show what the agent should look for during a review. No real credentials belonging to the author are exposed. - [INDIRECT_PROMPT_INJECTION]: The skill recognizes the risk of processing untrusted source code. It mitigates this by providing specific behavioral constraints (Step 1-8) and a dedicated safety section ensuring the agent does not execute or follow instructions found in the files it reads.
- [EXTERNAL_DOWNLOADS]: The skill contains references to official security documentation (OWASP, MITRE CWE, NIST) and mentions standard security tools (Semgrep, SonarQube, DevSkim). These references are informative and do not trigger automated, unverified downloads during the skill's execution.
Audit Metadata