skill-reviewer
Pass
Audited by Gen Agent Trust Hub on May 19, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill's primary function is as a structural and qualitative reviewer for other agent skills, which is a benign and productive developer utility within its intended environment.
- [COMMAND_EXECUTION]: The skill uses shell commands to execute local repository tooling (
pnpm skill-tools lintandnode packages/skill-tools/dist/index.mjs eval). These operations are restricted to the local file system and are standard for the development workflow defined in the project. The instructions require the agent to verify the existence of the target skill directory and files before execution, providing a layer of protection against simple command injection. - [PROMPT_INJECTION]: The skill processes the content of other skills (SKILL.md and evals.json), creating a surface for indirect prompt injection. This risk is assessed as low given the auditing context and the absence of sensitive network or administrative operations being triggered by the processed data.
Audit Metadata