finalize-pr
Pass
Audited by Gen Agent Trust Hub on May 12, 2026
Risk Level: SAFE, PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: Orchestrates pull request workflows using vendor-internal tools (push-pr, wait-ci, and fix-pr).
- [PROMPT_INJECTION]: The skill implements an automated feedback loop that ingests untrusted data from CI failures and pull request comments to drive code modifications.
  - Ingestion points: CI status and review comments retrieved by codagent:wait-ci in SKILL.md.
  - Boundary markers: No explicit boundary markers or isolation instructions are defined in the orchestration logic.
  - Capability inventory: The codagent:fix-pr tool has the capability to modify the codebase based on the ingested input.
  - Sanitization: No sanitization or validation of external comments is mentioned before they are processed by the fixing tool.
- [SAFE]: Employs explicit safety termination rules, including a maximum limit of three fix cycles and detection of persistent failure signatures, to prevent runaway resource usage or repetitive errors.
Audit Metadata