Skills
skills/sickn33/antigravity-awesome-skills/iterate-pr/Gen Agent Trust Hub

iterate-pr

Pass

Audited by Gen Agent Trust Hub on Mar 6, 2026

Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill processes untrusted data from Pull Request comments and CI logs which could contain malicious instructions.
  • Ingestion points: Fetches PR metadata, review comments, and inline comments using gh pr view and gh api in SKILL.md. It also retrieves CI logs via gh run view.
  • Boundary markers: The skill does not define specific delimiters or guardrails to prevent the agent from obeying instructions embedded in the comments or logs.
  • Capability inventory: The skill can perform file modifications and execute git push to update the remote repository.
  • Sanitization: No evidence of sanitization or filtering of the ingested external text is present.
  • [COMMAND_EXECUTION]: The skill relies on executing system commands to perform its core functions.
  • Evidence: SKILL.md defines the use of gh (GitHub CLI) for viewing and checking PR status and git for committing and pushing code changes.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 6, 2026, 11:36 PM