address-pr-feedback
Pass
Audited by Gen Agent Trust Hub on May 20, 2026
Risk Level: SAFE, PROMPT_INJECTION
Full Analysis
- [SAFE]: The skill uses established and widely-used command-line tools such as git, gh, jq, and gt for local repository management and GitHub interaction.
- [SAFE]: All network activity is restricted to GitHub's official API via the gh CLI, which is consistent with the skill's purpose and follows security best practices.
- [PROMPT_INJECTION]: The skill has an indirect prompt injection surface because it fetches and processes external pull request comments and review data.
  1. Ingestion points: SKILL.md fetches comments and reviews via the gh api.
  2. Boundary markers: Absent.
  3. Capability inventory: The agent can edit files, rewrite commits, and push branches using git and gh.
  4. Sanitization: Absent.
  This surface is evaluated as safe because the ingestion of external feedback is the core functionality of the skill and the operations are performed using standard developer tooling.
Audit Metadata