pr-dashboard

Pass

Audited by Gen Agent Trust Hub on Apr 30, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes the GitHub CLI (gh) to retrieve pull request information and manage authentication status. It also uses system commands (open, xdg-open, or start) to display the generated dashboard in the user's default browser.
  • [EXTERNAL_DOWNLOADS]: The script communicates with GitHub's official APIs to fetch pull request metadata. GitHub is a well-known service, and these operations are necessary for the skill's stated purpose.
  • [DATA_EXPOSURE]: The skill accesses pull request titles, summaries, and statuses from the user's GitHub account to populate the dashboard. This data access is transparent and aligns with the tool's intended functionality.
  • [INDIRECT_PROMPT_INJECTION]: The skill processes external data (pull request content from GitHub). It implements proper HTML escaping and sanitization before rendering this content in the browser dashboard, minimizing the risk of cross-site scripting (XSS) or injection via malicious PR data.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 30, 2026, 04:01 AM