receiving-code-review
Pass
Audited by Gen Agent Trust Hub on Jun 17, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill provides templates for using the GitHub CLI tool (
gh api) to automate replies to pull request comments within the repository workflow. - [INDIRECT_PROMPT_INJECTION]: The skill establishes a protocol for processing external data (code review feedback), which is a common attack surface for indirect instructions.
- Ingestion points: External code review comments and feedback from third-party reviewers (SKILL.md).
- Boundary markers: Not explicitly defined in the provided text.
- Capability inventory: Code implementation/modification and network operations via the
ghcommand (SKILL.md). - Sanitization: Not present; the skill relies on the agent's skepticism and manual verification logic.
Audit Metadata