drive-pr-local-review
Pass
Audited by Gen Agent Trust Hub on May 17, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill uses standard command-line utilities such as
gitand the GitHub CLI (gh) to extract context from the repository and pull request metadata. These actions are aligned with the skill's stated purpose. - [SAFE]: File system operations are restricted to writing review artifacts in a local
wip/directory or alongside existing project specification files. No unauthorized file modifications or deletions are performed. - [SAFE]: The skill utilizes specialized personas (tech-lead, architect, principal-engineer) to provide focused technical feedback. This methodology improves the quality of the review without expanding the agent's technical privileges.
- [PROMPT_INJECTION]: The skill identifies an attack surface for indirect prompt injection because it ingests untrusted data from GitHub PR descriptions and Linear tickets. However, the instructions direct the agent to ground all conclusions in literal source code analysis and test assertion verification, which provides a high degree of resistance against adversarial instructions in the input data.
Audit Metadata