pr-review

Pass

Audited by Gen Agent Trust Hub on Feb 25, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection through the processing of untrusted Pull Request data.
  • Ingestion points: The skill ingests untrusted data from git commit messages via git log and code diffs via git diff in the SKILL.md instructions.
  • Boundary markers: The skill lacks delimiters or explicit instructions to the agent to ignore embedded commands within the analyzed code or logs.
  • Capability inventory: The skill has the capability to execute local git commands (fetch, diff, log) via subprocess calls.
  • Sanitization: No sanitization, filtering, or validation is performed on the data retrieved from the git repository before it is presented to the agent for analysis.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 25, 2026, 12:35 PM