Skills
skills/pbakaus/agent-reviews/resolve-agent-reviews/Gen Agent Trust Hub

resolve-agent-reviews

Pass

Audited by Gen Agent Trust Hub on May 5, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill fetches the agent-reviews package from the NPM registry using runners like npx, pnpm dlx, or yarn dlx.
  • [REMOTE_CODE_EXECUTION]: The skill executes code from the downloaded agent-reviews package to evaluate and resolve PR comments.
  • [COMMAND_EXECUTION]: The skill runs shell commands for repository management, including git add, git commit, and git push, as well as the author's CLI tool.
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it processes untrusted data from external sources.
  • Ingestion points: Reads full comment bodies from external PR review bots via the agent-reviews --expanded command.
  • Boundary markers: Absent. The skill does not use delimiters or instructions to isolate untrusted comment data.
  • Capability inventory: The agent has the capability to modify source code, stage files, commit changes, and push to remote repositories.
  • Sanitization: Absent. No filtering or escaping is applied to the fetched comment content before it is evaluated by the agent.
Audit Metadata
Risk Level
SAFE
Analyzed
May 5, 2026, 02:46 PM