investigate-pr

Pass

Audited by Gen Agent Trust Hub on May 12, 2026

Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses git and gh CLI tools (e.g., git log, git diff, gh pr view) to retrieve PR information and code changes. These are appropriate for the skill's stated purpose of PR investigation.
  • [SAFE]: The workflow explicitly instructs the agent to perform a security pass over the code, checking for obfuscation, secrets, and vulnerabilities. This is a defensive design choice.
  • [SAFE]: While the skill processes untrusted data (Ingestion points: gh pr view --comments and git diff in SKILL.md; Boundary markers: absent; Capability inventory: git and gh commands; Sanitization: absent), this surface is necessary for its primary function and lacks high-risk capabilities like file-system writes or unauthorized network access.
Audit Metadata
Risk Level
SAFE
Analyzed
May 12, 2026, 09:48 AM
Security Audit — agent-trust-hub — investigate-pr