fixing-pr-comments
Pass
Audited by Gen Agent Trust Hub on May 8, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill processes external data in the form of pull request comments, creating a surface for indirect prompt injection attacks.
  - Ingestion points: Fetches PR review threads via gh api graphql in SKILL.md.
  - Boundary markers: Absent; there are no instructions to treat comment content as untrusted or to use delimiters to separate comments from instructions.
  - Capability inventory: Has the ability to modify local files, create commits, and push changes to the repository (git push) in SKILL.md.
  - Sanitization: Absent; the skill does not specify any validation or sanitization of the PR comment content before processing it in the triage or fix steps.
Audit Metadata