review-github-pr

Pass

Audited by Gen Agent Trust Hub on Mar 14, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: No malicious patterns or security vulnerabilities were identified in the skill code.
  • [COMMAND_EXECUTION]: The skill utilizes the GitHub CLI (gh) and jq to interact with GitHub repositories, which is appropriate for its stated purpose of reviewing pull requests.
  • [INDIRECT_PROMPT_INJECTION]:
      • Ingestion points: Untrusted data is ingested from external GitHub pull requests via gh pr view and gh pr diff (SKILL.md).
      • Boundary markers: None used; the agent reads the raw diff content directly.
      • Capability inventory: The skill can execute GitHub CLI commands, including posting reviews and comments via gh api (SKILL.md).
      • Sanitization: While no automated sanitization is mentioned, the skill explicitly mandates a human-in-the-loop step in 'Section 3: Generate prioritized comments' and 'Section 4: Ask for review disposition', where the user must review and confirm all feedback before any data is sent back to GitHub.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 14, 2026, 02:17 AM