pr-guardian

Pass

Audited by Gen Agent Trust Hub on Jun 13, 2026

Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
  • [SAFE]: No malicious patterns or security vulnerabilities were detected. The skill follows best practices for automated workflows, including retry limits and manual intervention triggers.
  • [COMMAND_EXECUTION]: The skill uses the GitHub CLI (gh) for routine pull request management, such as viewing status and monitoring workflow runs.
  • [PROMPT_INJECTION]: The skill ingests external data from pull request comments and feedback, creating an indirect prompt injection surface. This is handled as a functional requirement for the skill's operation.
  • Ingestion points: Pull request views and review threads accessed via gh pr view and comment inspection.
  • Boundary markers: Not explicitly defined in the instructions.
  • Capability inventory: Modifying source code, committing changes, pushing to git remotes, and posting PR comments.
  • Sanitization: None specified; the skill relies on the instruction to treat suggestions as review input rather than direct commands.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 13, 2026, 11:35 AM
Security Audit — agent-trust-hub — pr-guardian