Skills
skills/kjnez/claude-code-django/pr-review/Gen Agent Trust Hub

pr-review

Pass

Audited by Gen Agent Trust Hub on Mar 26, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it processes untrusted content from external pull requests.
  • Ingestion points: Pull request details and code diffs are retrieved using gh pr view and gh pr diff in SKILL.md.
  • Boundary markers: No explicit delimiters or instructions are provided to the agent to treat the retrieved PR content as untrusted data or to ignore embedded instructions.
  • Capability inventory: The agent has the capability to perform write operations by posting comments to the PR via gh pr comment.
  • Sanitization: There is no evidence of sanitization or filtering applied to the PR content before it is analyzed and acted upon.
  • [COMMAND_EXECUTION]: The skill utilizes shell-based commands to interact with the repository and the GitHub platform.
  • Evidence: The workflow involves executing gh pr view, gh pr diff, and gh pr comment to fetch and submit data related to the code review process.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 26, 2026, 10:34 AM