Gen Agent Trust Hub audit: skills/max-sixty/worktrunk/review-pr

review-pr

Result: Pass

Audited by Gen Agent Trust Hub on Mar 17, 2026

Risk Level: SAFE
Flagged category: PROMPT_INJECTION

Full Analysis
  • [PROMPT_INJECTION]: The skill processes content from pull requests, which is untrusted external data.
  • Ingestion points: Fetches PR diffs via gh pr diff, and PR metadata and comments via several gh api calls listed in SKILL.md.
  • Boundary markers: Absent. The instructions specify no delimiters or safety prompts that isolate PR content from the agent's primary instructions.
  • Capability inventory: Includes the ability to approve PRs (gh pr review --approve), dismiss reviews (gh api .../dismissals), and push code changes (git push) to the repository.
  • Sanitization: Absent. The skill performs no validation or filtering of the text obtained from the PR before analysing it.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 17, 2026, 02:08 PM