Skills
skills/shotaiuchi/dotclaude/ghwf4-review/Gen Agent Trust Hub

ghwf4-review

Pass

Audited by Gen Agent Trust Hub on Feb 28, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes the GitHub CLI (gh) and Git to perform operations. It specifically executes commands to view issue/PR data and automate the git add, commit, and push workflow for documentation updates.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests untrusted data from GitHub issue bodies, PR descriptions, and comments.
  • Ingestion points: Data enters the context via gh issue view and gh pr view in Step 1 of the processing logic.
  • Boundary markers: The instructions do not define delimiters or specific warnings to the agent to ignore instructions embedded within the fetched GitHub content.
  • Capability inventory: The skill has the ability to execute shell commands (gh, git), read/write local files (state.json, review documents), and push changes to remote repositories.
  • Sanitization: There is no evidence of sanitization, filtering, or validation of the text retrieved from GitHub before it is used by the agent to generate the review document.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 28, 2026, 11:34 PM