Skills
skills/prisma/prisma-next/review-implement-phase/Gen Agent Trust Hub

review-implement-phase

Pass

Audited by Gen Agent Trust Hub on May 17, 2026

Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes the GitHub CLI (gh) and a set of local Node.js scripts to perform repository operations, such as creating commits and resolving review threads. These commands are executed through standard subprocess methods with appropriate argument handling.
  • [INDIRECT_PROMPT_INJECTION]: The skill processes action items generated from pull request reviews. Although reading external data creates a potential surface for indirect prompt injection, the risk is minimized by the use of structured communication (JSON) and the specific design of the implementation scripts.
  • [DATA_EXPOSURE]: The skill includes preflight checks to ensure the gh CLI is properly authenticated and has the required repo scope. This ensures that the agent has the necessary permissions to manage pull request threads before beginning work, which is a legitimate operational requirement.
Audit Metadata
Risk Level
SAFE
Analyzed
May 17, 2026, 05:56 AM