Skills
skills/khoahyh/skills/greptile-address/Gen Agent Trust Hub

greptile-address

Pass

Audited by Gen Agent Trust Hub on Mar 18, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is vulnerable to Indirect Prompt Injection because it ingests untrusted data from external GitHub comments and uses that data to influence its actions.
  • Ingestion points: Untrusted data enters the agent context via gh api calls fetching pull request reviews and comments as specified in SKILL.md (Step 3).
  • Boundary markers: There are no boundary markers or instructions defined to delimit the external comment content or to instruct the agent to ignore embedded commands within those comments.
  • Capability inventory: The skill possesses capabilities to modify local files (Step 5) and perform network operations via git push (Step 7) as described in SKILL.md.
  • Sanitization: The instructions do not specify any sanitization, filtering, or validation of the fetched comment content before it is processed by the agent.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 18, 2026, 12:12 AM