Skills
skills/kadel/claude-plugins/review-documentation/Gen Agent Trust Hub

review-documentation

Pass

Audited by Gen Agent Trust Hub on Apr 27, 2026

Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it instructs the agent to process untrusted data from GitHub pull request diffs.
  • Ingestion points: Data is retrieved from external pull requests via the gh pr diff command as described in SKILL.md.
  • Boundary markers: Absent. The instructions do not provide delimiters or specific guidelines for the agent to distinguish between its operational instructions and the potentially malicious text contained within the documentation being reviewed.
  • Capability inventory: The skill utilizes the gh (GitHub CLI) tool to read repository data. It does not explicitly perform file system writes or arbitrary network requests.
  • Sanitization: Absent. Content from the PR diff is evaluated directly without filtering or escaping.
  • [COMMAND_EXECUTION]: The skill utilizes the GitHub CLI (gh) to automate the retrieval of pull request information and differences. While these are standard developer tools, they operate on external repository data.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 27, 2026, 02:14 PM