review-pr

Warn

Audited by Gen Agent Trust Hub on Apr 19, 2026

Risk Level: MEDIUM
COMMAND_EXECUTION, REMOTE_CODE_EXECUTION, DATA_EXFILTRATION
Full Analysis
  • [COMMAND_EXECUTION]: The workflow instructions recommend using shell command substitution $(gh pr diff <number>) within arguments for external tools like codex and gemini. This creates a command injection vulnerability where a malicious pull request could include shell metacharacters in its diff, file names, or commit messages to execute arbitrary code.
  • [REMOTE_CODE_EXECUTION]: The skill instructs the user to execute terraform plan on an untrusted pull request after checking it out locally. Terraform plans can execute arbitrary code via malicious providers, local-exec provisioners, or external data source scripts, leading to system compromise.
  • [DATA_EXFILTRATION]: Sensitive infrastructure files (e.g., init.tf, locals.tf, firewall.tf) and files containing credentials (e.g., *secret*, token*) are explicitly passed to external AI services for analysis. This increases the risk of data exposure and credential harvesting.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Apr 19, 2026, 11:51 PM