Gen Agent Trust Hub audit: skills/tobihagemann/turbo/code-review

code-review

Result: Pass

Audited by Gen Agent Trust Hub on Mar 16, 2026

Risk Level: SAFE
Finding categories: COMMAND_EXECUTION, PROMPT_INJECTION

Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the GitHub CLI (gh repo view) to retrieve the default branch name of the repository. This is a standard and expected operation for a tool designed to interact with Git repositories.
  • [PROMPT_INJECTION]: An indirect prompt injection surface is present, as the skill processes external data in the form of pull request comments and review outputs.
      • Ingestion points: The skill explicitly mentions incorporating 'PR comments passed in by the caller' into the evaluation phase in SKILL.md.
      • Boundary markers: No specific delimiters or safety instructions are defined to separate user-provided comments from the system's logic.
      • Capability inventory: The skill triggers the /peer-review and /evaluate-findings sub-skills, which process the ingested content.
      • Sanitization: No explicit sanitization or filtering of external comments is mentioned in the instructions.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 16, 2026, 03:29 AM