Skip to main content

github-code-review

Facilitates code reviews for pull requests on GitHub, enabling inline comments and diffs for quality assurance.

Install this skill

or
75/100

Security score

The github-code-review skill was audited on Jun 11, 2026 and we found 17 security issues across 3 threat categories. Review the findings below before installing.

Categories Tested

Security Issues

medium line 25

Template literal with variable interpolation in command context

SourceSKILL.md
25```bash
medium line 337

Template literal with variable interpolation in command context

SourceSKILL.md
337```bash
low line 33

Access to hidden dotfiles in home directory

SourceSKILL.md
33elif grep -q "github.com" ~/.git-credentials 2>/dev/null; then
low line 34

Access to hidden dotfiles in home directory

SourceSKILL.md
34GITHUB_TOKEN=$(grep "github.com" ~/.git-credentials 2>/dev/null | head -1 | sed 's|https://[^:]*:\([^@]*\)@.*|\1|')
low line 31

Access to .env file

SourceSKILL.md
31if _hermes_env="${HERMES_HOME:-$HOME/.hermes}/.env"; [ -f "$_hermes_env" ] && grep -q "^GITHUB_TOKEN=" "$_hermes_env"; then
low line 34

External URL reference

SourceSKILL.md
34GITHUB_TOKEN=$(grep "github.com" ~/.git-credentials 2>/dev/null | head -1 | sed 's|https://[^:]*:\([^@]*\)@.*|\1|')
low line 146

External URL reference

SourceSKILL.md
146https://api.github.com/repos/$OWNER/$REPO/pulls/$PR_NUMBER \
low line 159

External URL reference

SourceSKILL.md
159https://api.github.com/repos/$OWNER/$REPO/pulls/$PR_NUMBER/files \
low line 200

External URL reference

SourceSKILL.md
200https://api.github.com/repos/$OWNER/$REPO/issues/$PR_NUMBER/comments \
low line 226

External URL reference

SourceSKILL.md
226https://api.github.com/repos/$OWNER/$REPO/pulls/$PR_NUMBER \
low line 231

External URL reference

SourceSKILL.md
231https://api.github.com/repos/$OWNER/$REPO/pulls/$PR_NUMBER/comments \
low line 256

External URL reference

SourceSKILL.md
256https://api.github.com/repos/$OWNER/$REPO/pulls/$PR_NUMBER \
low line 261

External URL reference

SourceSKILL.md
261https://api.github.com/repos/$OWNER/$REPO/pulls/$PR_NUMBER/reviews \
low line 359

External URL reference

SourceSKILL.md
359https://api.github.com/repos/$GH_OWNER/$GH_REPO/pulls/$PR_NUMBER
low line 363

External URL reference

SourceSKILL.md
363https://api.github.com/repos/$GH_OWNER/$GH_REPO/pulls/$PR_NUMBER/files
low line 421

External URL reference

SourceSKILL.md
421https://api.github.com/repos/$GH_OWNER/$GH_REPO/pulls/$PR_NUMBER \
low line 427

External URL reference

SourceSKILL.md
427https://api.github.com/repos/$GH_OWNER/$GH_REPO/pulls/$PR_NUMBER/reviews \
Scanned on Jun 11, 2026
View Security Dashboard
Installation guide →
GitHub Stars 185.0K
Rate this skill
Categorydevelopment
UpdatedJune 15, 2026
hermesfrontenddesignplaywrightdocxgitapidatabasetestingbackendfrontend-developerbackend-developerfullstack-developerqa-engineerdevops-sregithubdevelopment
NousResearch/hermes-agent