qodo-pr-resolver
Pass
Audited by Gen Agent Trust Hub on Mar 29, 2026
Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill frequently executes shell commands using git and various git provider CLIs (gh, glab, bb, az) to perform repository operations, fetch pull request metadata, and post comments back to the provider.
- [PROMPT_INJECTION]: The skill exhibits a vulnerability to indirect prompt injection by ingesting untrusted data from pull request comments and using it to drive code modifications. It specifically instructs the agent to follow 'agent prompts' found in these comments as direct, literal instructions for code changes.
- Ingestion points: Pull request summary comments and inline review comments fetched from external git provider APIs (specified in SKILL.md and providers.md).
- Boundary markers: Absent. The instructions mandate following the external prompt literally without reinterpretation or independent validation.
- Capability inventory: Extensive file system modification via the Edit and Write tools, network interaction via provider APIs, and command execution via git and other CLIs.
- Sanitization: None. The skill does not validate or sanitize the content of the comments before processing them as instructions to modify the codebase.
Audit Metadata