gh-review-requests

Pass

Audited by Gen Agent Trust Hub on May 10, 2026

Risk Level: SAFE

COMMAND_EXECUTION

Full Analysis
  • [COMMAND_EXECUTION]: The skill uses subprocess.run to call the gh (GitHub CLI) tool. This is a legitimate and expected use case for a GitHub-related utility.
  • Evidence: scripts/fetch_review_requests.py contains the gh function which executes subprocess.run(["gh", "api", path], ...).
  • Security Evaluation: The command is constructed using a list (not a raw shell string), which prevents shell injection. The --org and --teams arguments are processed via argparse and sanitized before being interpolated into API paths.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: May 10, 2026, 06:30 PM