pr-review
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE, NO_CODE
Full Analysis
- [PROMPT_INJECTION] (SAFE): Analysis of the skill instructions found no attempts to bypass safety filters or override agent behavior.
- [DATA_EXFILTRATION] (SAFE): No hardcoded secrets, sensitive file paths, or unauthorized network operations were detected.
- [INDIRECT_PROMPT_INJECTION] (LOW): The skill is intended to process external data (PR diffs and descriptions), which constitutes an attack surface for indirect prompt injection. Evidence Chain:
  1. Ingestion points: Pull request diff and description (SKILL.md)
  2. Boundary markers: Absent
  3. Capability inventory: Posting review comments, no shell or executable capabilities
  4. Sanitization: Absent
- [NO_CODE] (SAFE): This skill contains only documentation and instructional text in Markdown format without any scripts or executable logic.
Audit Metadata