code-review
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [Indirect Prompt Injection] (SAFE): The skill processes untrusted code changes from external pull requests, creating a surface for potential indirect prompt injection. 1. Ingestion points: The skill uses
gh pr viewandgh pr diffinSKILL.mdto read PR data into the agent context. 2. Boundary markers: Absent; there are no specific markers or instructions to ignore instructions found within the code diffs. 3. Capability inventory: The skill can execute local commands (git,gh,pnpm). 4. Sanitization: Absent; the skill does not explicitly sanitize the diff output. - [Command Execution] (SAFE): The skill utilizes command-line tools to perform its primary function. Evidence: It executes
git diff,git log,gh pr, and variouspnpmlifecycle scripts (pnpm build,pnpm test). These are standard operations for code analysis and review.
Audit Metadata