pr-review
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill consists entirely of markdown documentation and does not contain any executable scripts, binary files, or network-related commands.
- [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection as its core function is to process untrusted data from pull requests. However, this is inherent to its primary use case and the skill provides no automated capabilities that could be exploited.
  • Ingestion points: PR descriptions, linked issues, and code diffs in SKILL.md.
  • Boundary markers: Not present; the skill does not include specific markers to separate instructions from PR data.
  • Capability inventory: None; no tools or subprocesses are defined in the skill.
  • Sanitization: None; the skill relies on the LLM's internal safety filters.
Audit Metadata