Skills
skills/waybarrios/opencode-power-pack/code-review/Gen Agent Trust Hub

code-review

Pass

Audited by Gen Agent Trust Hub on Apr 28, 2026

Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill has a surface for indirect prompt injection because it processes untrusted data from GitHub pull requests to perform its analysis.
  • Ingestion points: The skill retrieves pull request metadata (title, body) and code changes (diffs) using gh pr view and gh pr diff during the summarization and parallel reviewer steps.
  • Boundary markers: There are no explicit instructions to use delimiters or boundary markers to isolate the untrusted PR content from the agent's instructions.
  • Capability inventory: The skill can read repository files, execute shell commands via git and gh, and perform write operations by posting comments to GitHub using gh pr comment.
  • Sanitization: The instructions do not specify any validation or sanitization of the PR content before it is processed by the reviewer agents.
  • [COMMAND_EXECUTION]: The skill relies on the execution of external command-line tools to fulfill its primary purpose.
  • Evidence: The workflow explicitly instructs the use of git diff, gh pr view, gh pr diff, and gh pr comment to interact with the local environment and the GitHub service.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 28, 2026, 12:32 PM