Skills
skills/boshi-xixixi/agenticflow-skills/Gitee Workflow Automation/Gen Agent Trust Hub

Gitee Workflow Automation

Pass

Audited by Gen Agent Trust Hub on May 5, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The workflow for PR automation involves executing local shell commands (e.g., RunCommand) to push code to remote branches.
  • [PROMPT_INJECTION]: The skill processes untrusted data from Gitee (Issues, PR descriptions, and code diffs), which presents a surface for indirect prompt injection.
  • Ingestion points: Data retrieved via mcp_gitee_list_repo_issues, mcp_gitee_get_pull_detail, and mcp_gitee_get_diff_files (SKILL.md).
  • Boundary markers: Absent. The instructions do not explicitly tell the agent to ignore or delimit instructions found within the retrieved Gitee data.
  • Capability inventory: The agent can create/modify issues and pull requests, and execute commands via RunCommand (SKILL.md).
  • Sanitization: No sanitization or validation of external content is mentioned before the agent analyzes or uses the data.
Audit Metadata
Risk Level
SAFE
Analyzed
May 5, 2026, 06:02 AM