security-review
Pass
Audited by Gen Agent Trust Hub on Jun 29, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [SAFE]: The skill defines a legitimate and structured workflow for security auditing, focusing on data flow analysis, boundary protection, and common web vulnerabilities. All instructions align with its stated purpose of production security review.\n- [PROMPT_INJECTION]: The skill operates on untrusted external code, creating an inherent surface for indirect prompt injection where malicious code could attempt to influence the agent's behavior during the review.\n
- Ingestion points: The agent is instructed to read user-provided project source code, API entry points, and configuration files (SKILL.md).\n
- Boundary markers: There are no instructions for using delimiters or boundary markers to isolate untrusted code content from the agent's system instructions.\n
- Capability inventory: The agent is authorized to execute git commands and targeted build, lint, or test commands on the input project to verify findings (SKILL.md).\n
- Sanitization: No specific sanitization or filtering logic is provided for handling the contents of the files being reviewed.\n- [COMMAND_EXECUTION]: The skill leverages the agent's command execution capabilities to run
git status, build scripts, and tests. These actions are restricted to the local environment and are necessary for the skill's primary function of code verification.
Audit Metadata