Skills
skills/warpdotdev/warp/review-pr/Gen Agent Trust Hub

review-pr

Pass

Audited by Gen Agent Trust Hub on May 11, 2026

Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill processes untrusted external data which could contain malicious instructions designed to influence the agent's behavior.
  • Ingestion points: The agent reads pr_diff.txt and pr_description.txt (SKILL.md).
  • Boundary markers: Absent; there are no instructions to the agent to treat the diff or description as untrusted data or to ignore embedded commands.
  • Capability inventory: The skill involves writing to the local file system (review.json) and executing shell commands (jq) (SKILL.md).
  • Sanitization: None; the content from the PR files is used directly for analysis without filtering or escaping.
  • [COMMAND_EXECUTION]: The instructions require the agent to execute the jq utility to validate the generated JSON output (SKILL.md).
Audit Metadata
Risk Level
SAFE
Analyzed
May 11, 2026, 04:52 PM