review
Pass
Audited by Gen Agent Trust Hub on Mar 8, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes GitHub CLI commands (
gh pr view,gh issue view,gh pr checks) and local linting tools to gather context and perform technical checks. These are standard operations for a development-focused agent. - [PROMPT_INJECTION]: This skill presents an attack surface for indirect prompt injection because it processes content from external, potentially untrusted sources like pull request descriptions and code comments.
- Ingestion points: Pull request metadata and issue details retrieved via the
ghtool, as well as the content of the repository files. - Boundary markers: Absent. The skill does not use specific delimiters or instructions to prevent the agent from following directives embedded in the reviewed content.
- Capability inventory: Includes the ability to execute shell commands for linting and to interact with the GitHub API via the
ghCLI. - Sanitization: None. The skill analyzes the provided text directly to synthesize review findings.
Audit Metadata