review-feature-branch
Pass
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: SAFE
Findings: COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes the GitHub CLI (gh) to query repository information and pull request metadata. These operations are used to determine the default branch and check for existing pull requests associated with the current branch.
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface.
  - Ingestion points: The skill ingests untrusted data from external sources via the /peer-review (branch code) and /review-pr-comments (PR comment threads) sub-skills.
  - Boundary markers: There are no explicit boundary markers or instructions within this orchestration skill to treat the data from comments or code as untrusted or to ignore any embedded instructions.
  - Capability inventory: The agent has the capability to execute gh commands, call sub-skills, and potentially apply changes to the codebase through the /finalize phase.
  - Sanitization: No explicit sanitization, filtering, or validation of the content retrieved from PR comments or feature branch code is performed before it is passed to the evaluation and finalization phases.
Audit Metadata