pr-guardian
Pass
Audited by Gen Agent Trust Hub on Jun 13, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [SAFE]: No malicious patterns or security vulnerabilities were detected. The skill follows best practices for automated workflows, including retry limits and manual intervention triggers.
- [COMMAND_EXECUTION]: The skill uses the GitHub CLI (
gh) for routine pull request management, such as viewing status and monitoring workflow runs. - [PROMPT_INJECTION]: The skill ingests external data from pull request comments and feedback, creating an indirect prompt injection surface. This is handled as a functional requirement for the skill's operation.
- Ingestion points: Pull request views and review threads accessed via
gh pr viewand comment inspection. - Boundary markers: Not explicitly defined in the instructions.
- Capability inventory: Modifying source code, committing changes, pushing to git remotes, and posting PR comments.
- Sanitization: None specified; the skill relies on the instruction to treat suggestions as review input rather than direct commands.
Audit Metadata