cmd-pr-gh-comments

Pass

Audited by Gen Agent Trust Hub on Apr 29, 2026

Risk Level: SAFE | PROMPT_INJECTION | COMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill presents an indirect prompt injection risk by ingesting and acting upon GitHub PR comments provided by third parties.
      • Ingestion points: PR comments are fetched from GitHub repositories using the gh api tool.
      • Boundary markers: The skill includes a strict human-in-the-loop requirement, presenting a "Holistic Plan" and explicitly stating "Do not proceed until the user confirms."
      • Capability inventory: The skill can modify local files (AGENTS.md, code templates), execute shell commands (git, gh, rg), and perform GitHub API mutations (thread resolution).
      • Sanitization: The skill uses structured GraphQL variables for API requests and relies on manual human verification of all proposed changes and actions.
  • [COMMAND_EXECUTION]: The skill executes various system commands using the GitHub CLI (gh), git, and ripgrep (rg) to analyze the repository, fetch metadata, and search for patterns. These commands are integral to its triaging and investigation functionality.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 29, 2026, 03:22 PM