Skills
skills/freenet/freenet-agent-skills/pr-review/Gen Agent Trust Hub

pr-review

Pass

Audited by Gen Agent Trust Hub on Mar 6, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes the GitHub CLI (gh) to perform operations including gh pr view, gh pr diff, gh issue view, and gh pr checks. These commands are used to gather context from external Pull Requests. It also uses grep for pattern detection within diff outputs.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection through its ingestion of untrusted external content.
  • Ingestion points: Pull request descriptions, issue comments, and source code diffs are retrieved via gh commands and presented to the LLM for analysis.
  • Boundary markers: The instructions lack explicit delimiters or "ignore embedded instructions" warnings when processing the fetched PR content.
  • Capability inventory: The skill executes CLI commands and spawns specialized subagents to perform deeper analysis.
  • Sanitization: No sanitization or escaping of the external PR data is performed before it is interpolated into the review prompts.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 6, 2026, 02:57 PM