local-review
Pass
Audited by Gen Agent Trust Hub on Mar 28, 2026
Risk Level: SAFE, PROMPT_INJECTION
Full Analysis
- [SAFE]: The skill uses standard developer utilities (git, gh) to perform expected repository maintenance and review tasks.
- [PROMPT_INJECTION]: The skill ingests and processes untrusted data from pull request diffs and metadata, creating a surface for indirect prompt injection.
  - Ingestion points: Data enters the context via git diff, gh pr diff, gh pr view, and root/local CLAUDE.md files.
  - Boundary markers: No markers or warnings are used to distinguish untrusted data from the skill's instructions.
  - Capability inventory: The skill can read local source code and post comments to GitHub pull requests.
  - Sanitization: No input validation or content filtering is performed on the ingested PR data.
Audit Metadata