Skills
skills/tech-leads-club/agent-skills/gh-address-comments/Gen Agent Trust Hub

gh-address-comments

Pass

Audited by Gen Agent Trust Hub on Feb 27, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The script scripts/fetch_comments.py wraps the GitHub CLI (gh) using Python's subprocess module. It invokes commands such as gh pr view and gh api graphql to programmatically retrieve pull request data.
  • [EXTERNAL_DOWNLOADS]: The skill relies on the presence of the gh command-line tool. This is an official, well-known utility provided by GitHub for interacting with their platform.
  • [PROMPT_INJECTION]: The skill has a surface for indirect prompt injection because it reads and acts upon PR comments provided by external users.
  • Ingestion points: The script scripts/fetch_comments.py extracts text from comments, reviews, and reviewThreads via the GitHub GraphQL API.
  • Boundary markers: The PR data is passed to the agent as a JSON structure without explicit instruction-isolation markers.
  • Capability inventory: The agent is tasked with applying code fixes based on these comments, which involves file-writing capabilities.
  • Sanitization: No explicit sanitization of the comment body is performed before the agent processes it.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 27, 2026, 01:48 AM