github-pull-request-review-resolve
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses the GitHub CLI (
gh) for authentication, metadata retrieval, and API interactions, as well as Git for committing and pushing code updates. Evidence is located in SKILL.md workflow steps 1, 2, 5, and 6.\n- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests untrusted pull request comments and review threads to determine its actions.\n - Ingestion points: Pull request comments and review threads (SKILL.md, Step 2).\n
- Boundary markers: None present to isolate untrusted data.\n
- Capability inventory: File modification, local command execution, and remote pushing (SKILL.md, Steps 4 and 5).\n
- Sanitization: No sanitization or validation of comment content is performed.
Audit Metadata