address-github-comments

Pass

Audited by Gen Agent Trust Hub on Feb 27, 2026

Risk Level: SAFE | PROMPT_INJECTION | COMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it processes external, untrusted content from GitHub PR comments.
      • Ingestion points: Untrusted data enters the agent context via the gh pr view --comments command in SKILL.md.
      • Boundary markers: The instructions do not define delimiters or provide 'ignore instructions' warnings to prevent the agent from obeying commands embedded within the fetched comments.
      • Capability inventory: The skill enables the agent to perform file system modifications (implied in the 'Apply Fixes' step) and network operations via the gh CLI.
      • Sanitization: There is no mention of sanitizing or validating the comment body before the agent interprets it to plan or apply code changes.
  • [COMMAND_EXECUTION]: The skill relies on the execution of local CLI commands.
      • Evidence: It uses the gh utility for authentication checks (gh auth status), viewing PR metadata (gh pr view), and posting responses (gh pr comment).
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Feb 27, 2026, 08:26 AM