review-pr-comments
Pass
Audited by Gen Agent Trust Hub on Mar 11, 2026
Risk Level: SAFE
Finding categories: PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill processes untrusted content from external GitHub PR comments, creating an indirect prompt injection surface.
- Ingestion points: Fetching the 'body' and 'author' fields of review comments via the GitHub API in SKILL.md.
- Boundary markers: The skill uses Markdown blockquotes to present the external content.
- Capability inventory: The skill is limited to read operations using 'gh api' and does not have write access to the filesystem or the ability to execute arbitrary code.
- Sanitization: No explicit content filtering or sanitization is performed on the comment text before it is presented to the agent.
- [COMMAND_EXECUTION]: The skill uses the 'gh' (GitHub CLI) tool to perform its primary function. This is a well-known and trusted tool for interacting with the GitHub API, and the skill uses secure parameter passing methods for repository and PR identifiers.