Skills
skills/derek-x-wang/skills/github/Gen Agent Trust Hub

github

Pass

Audited by Gen Agent Trust Hub on Mar 21, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes the Bash tool to run 'gh' (GitHub CLI) commands for fetching pull request details, review comments, and summaries.
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface as it ingests untrusted data from GitHub pull request comments.
  • Ingestion points: GitHub PR comments and review summaries fetched via 'gh api' and 'gh pr view' (specified in SKILL.md).
  • Boundary markers: No explicit boundary markers or instructions to ignore embedded commands are included in the skill's logic.
  • Capability inventory: The agent has access to the 'Bash' tool to execute shell commands.
  • Sanitization: No sanitization or validation is applied to the data retrieved from GitHub before it enters the agent's context.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 21, 2026, 06:03 AM