review-guidelines
Pass
Audited by Gen Agent Trust Hub on May 28, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill consists entirely of static markdown-based instructions for code quality, testing, and Bun runtime conventions. It contains no scripts, binaries, or executable commands.
- [SAFE]: No network operations, data exfiltration patterns, or external downloads were detected.
- [SAFE]: The skill is intended to process code from Pull Requests, which constitutes a surface for indirect prompt injection. However, the skill has no functional capabilities to exploit. Ingestion points: Pull Request code and diffs (referenced in description); Boundary markers: Absent; Capability inventory: None detected; Sanitization: Absent.
- [SAFE]: The guidelines explicitly instruct the agent to check for security issues, such as command injection, XSS, and hardcoded secrets, in the code it reviews.
Audit Metadata