pr-ship
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFEREMOTE_CODE_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [SAFE]: No security issues detected.
- [REMOTE_CODE_EXECUTION]: The skill mentions an installation command
npx skills add jwilger/agent-skills --skill code-review. This command executes the 'skills' package to add a resource from the author's own repository. As this is a vendor-owned resource, it is considered safe and standard for the skill's operation. - [EXTERNAL_DOWNLOADS]: Fetches additional skill components from the author's repository ('jwilger'). This is a legitimate extension mechanism for the agent's functionality.
- [PROMPT_INJECTION]: No evidence of prompt injection or instructions to bypass safety guardrails.
- [DATA_EXFILTRATION]: No sensitive data access or unauthorized network operations were found.
Audit Metadata