review-readiness
Pass
Audited by Gen Agent Trust Hub on Apr 30, 2026
Risk Level: SAFE
COMMAND_EXECUTION
PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes shell commands using standard developer tools including `git` and the GitHub CLI (`gh`) to retrieve repository state, branch diffs, and pull request information.
- [PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection as it ingests and processes untrusted data from external sources.
  - Ingestion points: Pull request title and body content retrieved via the `gh pr view` command, as well as code content from `git diff` output.
  - Boundary markers: The instructions do not specify the use of delimiters or 'ignore' instructions to encapsulate the untrusted PR data, which could lead to the agent inadvertently following instructions embedded within a PR.
  - Capability inventory: The agent has access to repository file-system state via `git`, GitHub PR management via `gh`, and repository metadata tools such as `repo_map` and `search`.
  - Sanitization: No explicit sanitization, filtering, or validation of the untrusted PR content is defined in the skill procedure before it is summarized by the agent.
Audit Metadata