Skills
skills/sadiksaifi/skills/snap-review/Gen Agent Trust Hub

snap-review

Pass

Audited by Gen Agent Trust Hub on May 4, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it processes untrusted data from pull request bodies, comments, and linked issues.
  • Ingestion points: Workflow step 1 in SKILL.md instructs the agent to fetch content from gh pr view, linked issue bodies, and comments.
  • Boundary markers: The instructions do not specify the use of delimiters or warnings to ignore instructions embedded in the external data.
  • Capability inventory: The skill can execute local git and gh commands and post comments to GitHub PRs.
  • Sanitization: No explicit sanitization or validation of the fetched content is described in the workflow.
Audit Metadata
Risk Level
SAFE
Analyzed
May 4, 2026, 04:55 AM