pr-resolution

Pass

Audited by Gen Agent Trust Hub on Apr 15, 2026

Risk Level: SAFE
COMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill processes untrusted input from GitHub Pull Request comments. It includes sanitization logic in lib/parse-coderabbit-review.ts and a classification step in references/classification.md to mitigate the risk of indirect prompt injection.
  • [COMMAND_EXECUTION]: The skill uses the GitHub CLI (gh), Git, and local npm scripts to perform PR management and code verification tasks.
  • [EXTERNAL_DOWNLOADS]: The skill documentation mentions an optional dependency on the gtg tool, which is fetched from GitHub.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 15, 2026, 07:14 AM