Skills
skills/eyh0602/skillshub/docs-review/Gen Agent Trust Hub

docs-review

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: HIGHPROMPT_INJECTION
Full Analysis
  • [Indirect Prompt Injection] (HIGH): The skill lacks sufficient safeguards when processing untrusted external data.
  • Ingestion points: The skill uses mcp__github__get_pull_request_diff and Read tools to ingest documentation content from GitHub PRs and local files (SKILL.md, Step 2 in Review Process).
  • Boundary markers: No explicit delimiters or instructions are provided to the agent to treat the ingested documentation as untrusted data or to ignore embedded instructions within that data.
  • Capability inventory: The skill possesses significant write capabilities via mcp__github__add_pull_request_review_comment_to_pending_review and mcp__github__submit_pending_pull_request_review (SKILL.md, PR review mode format).
  • Sanitization: There is no mention of sanitizing or escaping the content read from the diffs before it is used to generate review comments.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Feb 16, 2026, 11:58 PM