detect-ci-antipatterns
Pass
Audited by Gen Agent Trust Hub on Mar 17, 2026
Risk Level: SAFE
Full Analysis
- [INDIRECT_PROMPT_INJECTION]: The skill is designed to ingest and parse untrusted data from .github/workflows/*.yml files. While this creates a surface for indirect prompt injection, the skill lacks dangerous capabilities such as file-writing or network operations that could be exploited by such an injection.
- Ingestion points: Processes external CI configuration files located in .github/workflows/ as defined in SKILL.md.
- Boundary markers: None identified; the skill does not specify delimiters or instructions to ignore embedded commands within the processed YAML files.
- Capability inventory: None. The skill generates analysis reports and recommendations but does not perform system-level actions.
- Sanitization: None specified for the input parsing process.
Audit Metadata