ha-pr-reviewer

Pass

Audited by Gen Agent Trust Hub on Jul 4, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: No malicious activity or patterns were detected. The skill uses official GitHub CLI commands (gh pr view and gh pr diff) to fetch data for review purposes, which is consistent with its stated functionality. It explicitly instructs the agent to keep feedback within the console and avoid direct actions on GitHub, which serves as a safety constraint.
  • [PROMPT_INJECTION]: The skill processes untrusted pull request descriptions and code diffs, which creates an attack surface for indirect prompt injection. \n
  • Ingestion points: Pulled content from gh pr view and gh pr diff in SKILL.md. \n
  • Boundary markers: None utilized to isolate PR content from instructions. \n
  • Capability inventory: Limited to read-only tool usage in the provided file; no dangerous execution or file-write capabilities were identified. \n
  • Sanitization: No validation or sanitization of the PR data is performed before it is processed by the agent.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 4, 2026, 06:24 PM
Security Audit — agent-trust-hub — ha-pr-reviewer