Skills
skills/xinbenlv/codereview-skills/retrieve-diff-from-github-pr/Gen Agent Trust Hub

retrieve-diff-from-github-pr

Pass

Audited by Gen Agent Trust Hub on Mar 11, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: Indirect Prompt Injection Surface. The skill retrieves untrusted data from GitHub Pull Requests that is subsequently processed by other agent skills in a pipeline.
  • Ingestion points: get_pull_request (PR description) and get_pull_request_files (diff patches) in SKILL.md.
  • Boundary markers: Absent. PR content is formatted into markdown structures without explicit delimiters or instructions for downstream skills to ignore potentially malicious instructions embedded in the PR data.
  • Capability inventory: GitHub read operations via MCP tools. Output is passed to orchestrators and specialist review skills.
  • Sanitization: Absent. Content is passed as-is to the next pipeline stages.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 11, 2026, 10:47 AM