find-reviewable-pr

Pass

Audited by Gen Agent Trust Hub on Mar 1, 2026

Risk Level: SAFE

COMMAND_EXECUTION

Full Analysis
  • [Command Execution]: The skill executes a PowerShell script that uses the GitHub CLI (gh) to query repository data. This includes using Invoke-Expression to handle command execution and retries for API calls.
  • [External Data Processing]: The script retrieves and processes metadata from pull requests, such as titles and labels, from the dotnet/maui and dotnet/docs-maui repositories.
  • [Indirect Prompt Injection Consideration]: The skill ingests untrusted data from pull request metadata in the query-reviewable-prs.ps1 script. While the agent uses structured markdown tables as boundaries for the output, no explicit sanitization is performed on the ingested titles. The skill's capabilities are focused on data retrieval and presentation.
  • [Secure Input Handling]: Script parameters are strictly defined with ValidateSet and specific types, which limits the potential for unexpected input processing.

Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 1, 2026, 02:35 AM