review-pull-request

Pass

Audited by Gen Agent Trust Hub on May 8, 2026

Risk Level: SAFE
PROMPT_INJECTION, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it processes untrusted content from GitHub pull requests (descriptions, comments, and diffs) which could contain instructions designed to manipulate the AI's review.
      • Ingestion points: PR metadata, diffs, and CI logs are ingested by pr-context-collector.md.
      • Capability inventory: The skill can write local files via review-writer.md and post to GitHub using review-poster.md.
      • Boundary markers: It uses structured status contracts and progressive disclosure to summarize data before it reaches the main orchestrator.
      • Sanitization: Verification is performed by review-verifier.md, and all posting operations require explicit user approval (PREVIEW_APPROVED=true).
  • [EXTERNAL_DOWNLOADS]: Fetches best practices, security checklists, and technical documentation from well-known and trusted sources including Google, GitLab, OWASP, and GitHub to guide the review process.
  • [COMMAND_EXECUTION]: Uses the GitHub CLI (gh) and REST API to retrieve PR data and submit review comments; these actions are central to the skill's purpose and include a confirmation gate for posting.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: May 8, 2026, 03:20 PM