pr-review-guide
Pass
Audited by Gen Agent Trust Hub on Mar 30, 2026
Risk Level: SAFE
Tags: COMMAND_EXECUTION
Full Analysis
- [Command Execution]: The skill is configured to use the GitHub CLI ('gh') and 'git' for repository interaction. These tools are used to support the review process, such as posting inline comments and suggested edits.
- [Indirect Prompt Injection Surface]: Because the skill analyzes code and comments authored by others, it is exposed to indirect prompt injection.
  1. Ingestion points: Analyzes PR diffs and prior review comments as described in SKILL.md.
  2. Boundary markers: The instructions do not specify explicit delimiters for untrusted content.
  3. Capability inventory: The skill can post comments and suggest code changes using the GitHub CLI.
  4. Sanitization: There are no explicit instructions for sanitizing or escaping the content read from the PR.
  This is a common characteristic of automated review tools, and the risk is mitigated by the fact that the agent's actions are limited to providing feedback.