iterate-pr
Pass
Audited by Gen Agent Trust Hub on Mar 25, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill executes
gh(GitHub CLI) commands viasubprocess.runto interact with the GitHub API. These calls are well-contained, usecapture_output=True, and do not pass unsanitized user input into a shell context. - [EXTERNAL_DOWNLOADS]: The skill requires the
uvpackage manager andghCLI to be installed on the host system. It does not perform any dynamic or unauthorized downloads during execution; it expects these tools to be pre-configured and authenticated by the user. - [DATA_EXFILTRATION]: No data is sent to non-whitelisted or untrusted domains. All network communication is performed through the
ghCLI, which targets the user's configured GitHub instance (e.g., github.com). - [PROMPT_INJECTION]: The
SKILL.mdinstructions include clear boundary markers and specific guidance on how the agent should handle feedback. It explicitly distinguishes between human review and bot feedback, and provides a structured workflow for addressing each without overriding safety guidelines. - [REMOTE_CODE_EXECUTION]: While the skill runs Python scripts using
uv run, these are local scripts bundled with the skill. There is no pattern of fetching and executing code from remote or untrusted sources.
Audit Metadata