fetch-pr-comments

Pass

Audited by Gen Agent Trust Hub on Mar 11, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill is designed for read-only access to GitHub pull request data using the official GitHub CLI tool. It executes a static GraphQL query to retrieve review comments and formats them into a summary for the user. No sensitive data is exposed, and no persistence or privilege escalation mechanisms are used. Although it handles untrusted data in the form of PR comments, the skill's logic is limited to display and does not involve any execution or evaluation of the comment text, which protects against indirect prompt injection.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 11, 2026, 03:06 PM