Skills
skills/yusuke-suzuki/dotfiles/resolve-comments/Gen Agent Trust Hub

resolve-comments

Pass

Audited by Gen Agent Trust Hub on Mar 14, 2026

Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests and processes untrusted data from GitHub PR comments.
  • Ingestion points: The gh api call in SKILL.md fetches comment bodies which are external, user-generated content.
  • Boundary markers: There are no explicit markers or instructions to treat the comment text as data rather than instructions.
  • Capability inventory: The agent has the ability to modify source code and execute GitHub API calls (replies/resolutions) based on these comments.
  • Sanitization: No sanitization or filtering is performed on the incoming comment text before analysis.
  • [COMMAND_EXECUTION]: The skill uses the GitHub CLI tool to perform its operations.
  • Evidence: Uses gh pr view, gh api, and gh api graphql throughout SKILL.md to interact with the repository and pull requests.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 14, 2026, 03:28 AM