ask-review
Pass
Audited by Gen Agent Trust Hub on May 10, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill uses git and gh shell commands to manage branches and pull requests, which is necessary for its core functionality.
- [DATA_EXFILTRATION]: Network activity is restricted to authenticated interactions with the user's configured Git remotes and the GitHub API.
- [PROMPT_INJECTION]: The skill has an indirect prompt injection surface as it processes code diffs. Ingestion points: git diff output in SKILL.md. Boundary markers: The subagent dispatch instructions in subagent-dispatch.md restrict context and specify the diff should be read as a proposal. Capability inventory: Shell command execution and subagent task creation. Sanitization: Not explicitly defined for the diff content.
Audit Metadata