Skills
skills/zenon-red/skills/zoe-validating-reviews/Gen Agent Trust Hub

zoe-validating-reviews

Pass

Audited by Gen Agent Trust Hub on May 6, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the GitHub CLI (gh) to retrieve PR reviews, comments, and to perform merges within repositories belonging to the vendor organization (zenon-red). It also employs a custom tool called probe to update project directives upon task completion. These are standard operational commands for the stated purpose of the skill.\n- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface due to its core functionality of processing external data to drive automated actions.\n
  • Ingestion points: External review comments and reviewer identities are retrieved via gh pr view and processed by the agent (found in SKILL.md).\n
  • Boundary markers: None are present; the skill does not use delimiters or provide instructions to the agent to ignore potentially malicious content within the comments.\n
  • Capability inventory: The agent has the ability to merge code into the repository (gh pr merge) and update project directives (probe message directive) as defined in SKILL.md.\n
  • Sanitization: No sanitization or validation steps are defined; the agent is instructed to directly evaluate the content of all comments for "Critical" severity issues.
Audit Metadata
Risk Level
SAFE
Analyzed
May 6, 2026, 06:20 PM