Skills
skills/andreadellacorte/groove/groove-groovebook-review/Gen Agent Trust Hub

groove-groovebook-review

Pass

Audited by Gen Agent Trust Hub on Mar 8, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the official GitHub CLI (gh) to list, view, and review pull requests. These operations are standard for development workflows and target GitHub, which is a well-known and trusted service.
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface as it processes untrusted data from external sources.
  • Ingestion points: Pull Request body and diff content retrieved via gh pr view and gh pr diff in Step 5.
  • Boundary markers: No explicit delimiters or instructions are provided to the agent to disregard instructions embedded within the PR content.
  • Capability inventory: The skill has the ability to write back to the repository by submitting reviews (approve, comment, request changes) via gh pr review in Step 7.
  • Sanitization: The skill relies on the AskUserQuestion tool to confirm the user's reaction, which serves as a human-in-the-loop safety mechanism to prevent automated obedience to instructions found in the PR content.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 8, 2026, 12:09 AM