Skills
skills/tobihagemann/turbo/fetch-pr-comments/Gen Agent Trust Hub

fetch-pr-comments

Pass

Audited by Gen Agent Trust Hub on Apr 29, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses a bash script (scripts/fetch-pr-data.sh) that executes the gh (GitHub CLI) and jq commands to query the GitHub GraphQL API and process the results.
  • [EXTERNAL_DOWNLOADS]: The bash script performs network requests to GitHub's official API to retrieve pull request data. GitHub is a well-known service and the data retrieval is necessary for the skill's functionality.
  • [PROMPT_INJECTION]: The skill ingests untrusted data in the form of GitHub pull request comments and review bodies, which creates a surface for indirect prompt injection.
  • Ingestion points: The body fields of reviews and comments fetched from GitHub by the scripts/fetch-pr-data.sh script.
  • Boundary markers: The skill instructions specify that the agent should display the comment bodies using blockquote formatting (>).
  • Capability inventory: The agent has capabilities for shell command execution and file system access.
  • Sanitization: No sanitization, escaping, or instruction-filtering is applied to the comment bodies before they are presented to the agent.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 29, 2026, 05:24 PM