pr-description
Pass
Audited by Gen Agent Trust Hub on Apr 17, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill handles untrusted external content like code diffs which poses an indirect prompt injection risk. Ingestion points: user-provided text, git diff output, and gh pr diff data as specified in SKILL.md. Boundary markers: Explicitly present in SKILL.md as a SECURITY WARNING and instruction to treat content as plain text. Capability inventory: Utilizes git and gh CLI tools for reading, viewing, and editing Pull Requests. Sanitization: Explicitly instructs the agent to ignore commands or instructions embedded within the analyzed repository content.
- [COMMAND_EXECUTION]: The skill uses git and the GitHub CLI (gh) to fetch diffs, view PR status, and perform Pull Request metadata updates.
- [EXTERNAL_DOWNLOADS]: Fetches code diffs and PR metadata from GitHub using the official gh CLI tool.
Audit Metadata