Skills
skills/eho/agent-skills/user-story-reviewer/Gen Agent Trust Hub

user-story-reviewer

Pass

Audited by Gen Agent Trust Hub on Mar 12, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes untrusted data from GitHub Issues and Pull Request descriptions.
  • Ingestion points: Content is retrieved from external sources using gh issue view and gh pr diff as described in the Workflow section of SKILL.md.
  • Boundary markers: The instructions do not define any delimiters or provide a security context to differentiate between the agent's instructions and the data being reviewed.
  • Capability inventory: The skill allows the agent to execute sensitive commands including git push, gh pr review, and gh pr merge based on its evaluation of the untrusted data.
  • Sanitization: No sanitization, validation, or filtering is performed on the data fetched from GitHub before it is processed by the agent.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 12, 2026, 03:32 AM