coding-standards
Pass
Audited by Gen Agent Trust Hub on Jun 15, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes
subprocess.runandos.execvfor environment management, such as switching to compatible Python versions and executing its own internal linting scripts. These actions are consistent with its stated purpose of managing a complex linting infrastructure. - [EXTERNAL_DOWNLOADS]: During the bootstrap process, the skill downloads and installs well-known code parsing libraries (
tree-sitterand associated grammars) from the official Python Package Index (PyPI). This is required for its AST-based linting rules to function correctly. - [PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection (Category 8) due to its core functionality of reading and analyzing untrusted source code from the project tree.
- Ingestion points: Code is ingested by
hooks/review-files.pyand the orchestrator logic for review and fixing tasks. - Boundary markers: The skill implements a multi-agent pipeline where specialist workers are constrained by specific JSON-only output requirements and role-based instructions.
- Capability inventory: The orchestrator agent is capable of dispatching sub-agents and applying modifications to the filesystem via the agent's native tools.
- Sanitization: The skill processes code primarily as text for transformation by specialist LLM workers, using multi-step verification passes to ensure compliance.
Audit Metadata