Skills
skills/openshift-hyperfleet/hyperfleet-claude-plugins/review-pr/Gen Agent Trust Hub

review-pr

Pass

Audited by Gen Agent Trust Hub on Mar 29, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill performs dynamic environment discovery at load time using the !command syntax. It checks for the availability of the gh and jira CLIs and verifies the presence of the hyperfleet-architecture skill in the local filesystem to enable optional features.
  • [COMMAND_EXECUTION]: Uses the Bash tool to execute CLI commands (gh, jira, git) that incorporate user-provided arguments, such as PR URLs. To mitigate command injection risks, the skill requires a mandatory validation step to verify the format of the PR reference before any commands are executed.
  • [EXTERNAL_DOWNLOADS]: Fetches markdown-based architecture standards and guidelines from the author's GitHub repository (openshift-hyperfleet/architecture). These files are used as reference material for the review agents. As these resources belong to the skill's author, they represent expected vendor functionality.
  • [PROMPT_INJECTION]: The skill ingests untrusted data from external sources, including GitHub PR titles, bodies, comments, and JIRA ticket descriptions. This creates a surface for indirect prompt injection. The skill provides explicit instructions to the agent to treat all fetched content strictly as data for analysis and never as commands to be followed.
  • [COMMAND_EXECUTION]: Coordinates multiple sub-agents using the Agent tool to perform parallel mechanical code passes and impact analysis. These agents process the PR diff and standards but are restricted by the parent skill's instructions regarding untrusted content.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 29, 2026, 06:21 PM