pr-review-toolkit
Pass
Audited by Gen Agent Trust Hub on Mar 30, 2026
Risk Level: SAFE
Findings: PROMPT_INJECTION, COMMAND_EXECUTION, NO_CODE
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes `git diff` and `gh pr diff` to retrieve the source code changes for review. These are standard commands for development workflows.
- [PROMPT_INJECTION]: The skill lacks boundary markers when ingesting code changes from diffs, creating an attack surface for indirect prompt injection (Category 8). Malicious instructions in code comments could potentially influence the agent's review output.
  - Ingestion points: Code content is retrieved via shell commands in the `SKILL.md` workflow.
  - Boundary markers: None; the content is processed directly without delimiters.
  - Capability inventory: The agent only performs analysis and reporting; it does not have access to network or file-system mutation tools during the review phase.
  - Sanitization: No sanitization of the code text is performed before it is analyzed by the review protocols.
Audit Metadata