resolve-comments
Pass
Audited by Gen Agent Trust Hub on Mar 31, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill uses the official GitHub CLI ('gh') to perform read and write operations on pull request data. These operations are limited to the specific repository context and are consistent with the skill's stated purpose.- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes external PR comments which could contain malicious instructions.
- Ingestion points: Pull Request comment bodies are fetched via 'gh api' in SKILL.md.
- Boundary markers: None are defined to isolate external comment content from the agent's instructions.
- Capability inventory: The agent can modify local files and execute GitHub API mutations (replies and thread resolution) as described in SKILL.md.
- Sanitization: No explicit sanitization or filtering of the ingested comment text is performed.
- Control: The instructions mandate that the agent must present its analysis and proposed actions to the user for final approval, effectively mitigating the risk of automated execution of injected instructions.
Audit Metadata