Skills
skills/boshu2/agentops/pr-research/Gen Agent Trust Hub

pr-research

Pass

Audited by Gen Agent Trust Hub on Apr 5, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes standard system commands using git and gh to retrieve repository data, metadata, and history for analysis purposes.
  • [PROMPT_INJECTION]: The skill presents a surface for indirect prompt injection as it is designed to ingest and process untrusted content from external repositories (e.g., issue titles, PR descriptions, and contribution guidelines).
  • Ingestion points: Uses gh issue list, gh pr list, and cat to read content from remote GitHub repositories.
  • Boundary markers: Absent. The skill does not define specific delimiters or instructions to prevent the agent from obeying instructions potentially embedded in external repository files.
  • Capability inventory: The skill utilizes Bash and Write tools to perform its logic and save research reports to the local file system.
  • Sanitization: There is no explicit sanitization or filtering of the text fetched from external sources before the agent processes it.
  • Context: This risk is considered low and is inherent to the core functionality of researching external codebases.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 5, 2026, 10:05 PM