Skills
skills/k1low/gh-pr-reviews/triage-pr-reviews/Gen Agent Trust Hub

triage-pr-reviews

Pass

Audited by Gen Agent Trust Hub on Apr 20, 2026

Risk Level: SAFECOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: Uses standard development tools including the gh CLI and git to manage PR reviews and commit code changes locally.
  • [DATA_EXFILTRATION]: Communicates with official GitHub API endpoints to fetch metadata and post user-approved replies. No unauthorized data exfiltration patterns were observed.
  • [PROMPT_INJECTION]: The skill processes untrusted PR comments which could serve as a vector for Indirect Prompt Injection. (1) Ingestion point: SKILL.md Phase 1. (2) Boundary markers: Absent. (3) Capability inventory: git commits, file system writes, and GitHub API access. (4) Sanitization: Human-in-the-loop review process where users confirm every action and draft before execution.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 20, 2026, 08:19 AM