Skills
skills/proffesor-for-testing/agentic-qe/pr-review/Gen Agent Trust Hub

pr-review

Pass

Audited by Gen Agent Trust Hub on Mar 19, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes the GitHub CLI (gh) to perform its primary functions, including fetching pull request diffs, viewing descriptions, and posting review comments. These are standard operations for development workflows.
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it ingests untrusted data from external sources (the contents of GitHub Pull Requests) which are then processed by the agent.
  • Ingestion points: Pull request diffs and descriptions fetched via gh pr diff and gh pr view in SKILL.md.
  • Boundary markers: None. The skill does not specify any delimiters or safety instructions to prevent the agent from following commands embedded within the code changes or PR comments.
  • Capability inventory: The skill has the capability to execute commands on the host system via the gh CLI and output review feedback.
  • Sanitization: No sanitization or validation is applied to the content retrieved from the pull request before the agent analyzes it.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 19, 2026, 04:01 PM