changelog
Pass
Audited by Gen Agent Trust Hub on Mar 28, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill's logic and instructions focus on the benign task of summarizing repository activity for internal teams. No malicious intent, obfuscation, or safety bypasses were identified.
- [COMMAND_EXECUTION]: The skill uses the
ghcommand-line tool to retrieve PR and issue information. This is a standard and safe operation for repository management and does not involve the execution of untrusted code or commands. - [DATA_EXFILTRATION]: The skill includes documentation for an optional Discord webhook integration. Since it targets a well-known service (discord.com) and uses placeholders for credentials, it is considered a safe and standard practice for notifications.
- [PROMPT_INJECTION]: The skill processes untrusted data from PR descriptions and issue details. Although this creates an indirect prompt injection surface, the risk is minimal given that the skill's primary purpose is text summarization. 1. Ingestion points: PR titles, descriptions, and issue context. 2. Boundary markers: Absent. 3. Capability inventory:
gh(read) andcurl(write). 4. Sanitization: Absent.
Audit Metadata