Skills
skills/steipete/agent-scripts/github-deep-review/Gen Agent Trust Hub

github-deep-review

Pass

Audited by Gen Agent Trust Hub on May 11, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructs the agent to execute shell commands including gh, git, and rg to retrieve issue details, PR diffs, and repository state.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it processes untrusted content from GitHub issues and pull requests.
  • Ingestion points: The agent uses gh issue view, gh pr view, and gh pr diff to bring external content into the context (SKILL.md).
  • Boundary markers: The skill does not define specific delimiters or instructions to ignore potential commands embedded within the GitHub issues or PR descriptions.
  • Capability inventory: The agent has access to shell execution (gh, git, rg) and can read local files at specified paths like ~/Projects/agent-scripts/.
  • Sanitization: There is no evidence of content sanitization or validation before the ingested data is processed by the agent.
Audit Metadata
Risk Level
SAFE
Analyzed
May 11, 2026, 06:37 AM