review-pr
Pass
Audited by Gen Agent Trust Hub on Apr 16, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- Command Execution: The Python script invokes the GitHub CLI using the
subprocess.runmethod. This is a core part of the skill's ability to fetch and post PR data. The implementation is safe as it avoids shell interpretation by passing arguments as a list. - Indirect Prompt Injection: Because the skill analyzes untrusted code from pull requests, it encounters an attack surface where malicious code could attempt to influence the agent's review. The skill manages this risk by creating an editable YAML file, enabling users to review and approve all comments before they are posted to GitHub.
- Dependency Management: The skill relies on the standard
PyYAMLlibrary for parsing configuration and review data. Users should ensure this package is installed in their environment as part of the setup process.
Audit Metadata