pr-review
Pass
Audited by Gen Agent Trust Hub on Mar 25, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection due to its processing of untrusted external content from GitHub pull requests.\n
- Ingestion points: Pull request diffs (gh pr diff) and review comments (gh api pulls/comments).\n
- Boundary markers: Absent; the skill does not use delimiters or instructions to ignore embedded commands in the diff data.\n
- Capability inventory: Shell command execution via git and gh CLI tools.\n
- Sanitization: No sanitization or filtering of the external PR content is specified.\n- [COMMAND_EXECUTION]: The skill executes shell commands using git and gh to manage pull request workflows. These actions are aligned with the skill's primary function and are explicitly scoped to the Significant-Gravitas/AutoGPT repository.
Audit Metadata