Skills
skills/v1-io/v1tamins/address-review/Gen Agent Trust Hub

address-review

Pass

Audited by Gen Agent Trust Hub on Feb 25, 2026

Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes the gh (GitHub CLI) tool within a Bash environment to perform API calls. It uses gh api to fetch pull request comments and post replies, and uses jq to parse the resulting JSON data.
  • [INDIRECT_PROMPT_INJECTION]: The skill is designed to ingest and act upon data from an untrusted source (arbitrary comments on a GitHub PR).
  • Ingestion points: Fetches unreplied line-specific and general PR comments via gh api and jq filters.
  • Boundary markers: No technical delimiters or 'ignore' instructions are used to wrap the ingested comment text.
  • Capability inventory: The agent is granted Edit and Bash capabilities, which allow it to modify the codebase and commit/push changes based on the evaluated comments.
  • Sanitization: There is no programmatic sanitization of comment content; the skill relies on the AI agent's instruction to 'critically evaluate' whether a suggestion is valid before implementation.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 25, 2026, 08:58 AM