awesome-web-agents-pr-review

Pass

Audited by Gen Agent Trust Hub on May 16, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes gh (GitHub CLI) and git commands to view, diff, and fetch pull request data. These operations are limited to the specific repository steel-dev/awesome-web-agents and are consistent with the skill's stated purpose.
  • [COMMAND_EXECUTION]: The workflow involves executing a local Python script scripts/validate_contribution.py to perform structural checks. This script belongs to the repository provided by the vendor.
  • [PROMPT_INJECTION]: The skill processes untrusted external data from GitHub pull request titles, descriptions, and code patches, which presents an attack surface for indirect prompt injection.
  • Ingestion points: Pull request metadata and diff content via gh pr view and gh pr diff in SKILL.md.
  • Boundary markers: None explicitly defined to isolate untrusted PR content from the agent's instructions.
  • Capability inventory: The skill has access to the local filesystem, network (via gh and git), and the ability to execute Python scripts.
  • Sanitization: No content sanitization or validation of the PR text is specified before the agent processes it.
Audit Metadata
Risk Level
SAFE
Analyzed
May 16, 2026, 03:59 PM
Security Audit — agent-trust-hub — awesome-web-agents-pr-review