receiving-code-review
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- Indirect Prompt Injection (LOW): The skill is designed to process external feedback from code reviewers, which represents an ingestion surface for indirect prompt injection.
- Ingestion points: External reviewer feedback and PR comments as described in the 'Source-Specific Handling' section.
- Boundary markers: The skill does not define specific delimiters to wrap or isolate external feedback strings.
- Capability inventory: The skill utilizes
gh apifor network communication and requires the ability to read and write to the local codebase to implement suggested changes. - Sanitization: No explicit sanitization or input validation of the feedback is provided, although the skill mandates technical verification before action.
- Command Execution (SAFE): The skill includes instructions for using the GitHub CLI (
gh api) to reply to pull request threads. This usage is standard for the skill's intended purpose and does not represent an elevation of privilege or unauthorized access.
Audit Metadata