Skills
skills/bahayonghang/my-claude-code-settings/gh-fix-ci/Gen Agent Trust Hub

gh-fix-ci

Pass

Audited by Gen Agent Trust Hub on Apr 19, 2026

Risk Level: SAFE
Full Analysis
  • [PROMPT_INJECTION]: The skill processes untrusted data from GitHub Actions logs and PR check names, creating a surface for indirect prompt injection.
  • Ingestion points: The script scripts/inspect_pr_checks.py retrieves external content through gh pr checks and gh run view --log.
  • Boundary markers: The skill does not use specific delimiters or instructions to prevent the agent from following potential commands embedded in log snippets.
  • Capability inventory: The agent has access to Bash and python tools and is instructed to execute local reproduction commands and implement fixes.
  • Sanitization: No sanitization is performed on the log content or metadata before it is presented to the agent.
  • [COMMAND_EXECUTION]: The script scripts/inspect_pr_checks.py executes system commands (gh, git) using the subprocess module. While it uses safe argument passing (list-based), it operates on data derived from the repository environment and PR metadata.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 19, 2026, 02:49 PM