drive
Pass
Audited by Gen Agent Trust Hub on May 16, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes git for repository management and shell commands like sleep and kill for its scheduling and concurrency guard logic. These are appropriate for its stated function.
- [INDIRECT_PROMPT_INJECTION]: The skill processes untrusted external data from pull request comments and reviews. It mitigates indirect prompt injection risks through a detailed evidence chain: 1. Ingestion points: PR comments and reviews are read via GitHub MCP methods in references/platforms/github.md. 2. Boundary markers: External data is delimited by markdown section headers. 3. Capability inventory: Modification of repository state and manifests via git and MCP tools. 4. Sanitization: Implementation of classification decision trees and bot identification to filter and triage external feedback.
- [DYNAMIC_EXECUTION]: A fallback scheduling mechanism in references/fallback-inline.md uses the Skill tool to recursively invoke itself, providing a self-contained automation loop when platform-level scheduling is absent.
Audit Metadata