Skills
skills/warpdotdev/warp/review-pr-local/Gen Agent Trust Hub

review-pr-local

Pass

Audited by Gen Agent Trust Hub on May 11, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes untrusted data from external PR descriptions and comments to determine its review recommendations.
  • Ingestion points: The agent is instructed to analyze pr_description.txt and PR comments (found in SKILL.md).
  • Boundary markers: No explicit delimiters or instructions to ignore embedded commands are present in this specialization file.
  • Capability inventory: The skill generates review comments and recommendations but does not exhibit dangerous capabilities like shell execution, file system writes, or network requests.
  • Sanitization: There is no evidence of sanitization or filtering of the processed PR content.
Audit Metadata
Risk Level
SAFE
Analyzed
May 11, 2026, 04:52 PM