validate-pr
Pass
Audited by Gen Agent Trust Hub on May 8, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes local
dart run dash_sitecommands to perform site maintenance tasks such as refreshing excerpts, formatting code, and checking link references. These operations are standard for the Flutter documentation repository's build system. - [INDIRECT_PROMPT_INJECTION]: The skill defines a process that ingests and validates content from local Markdown files and code snippets, which may include untrusted input from pull requests.
- Ingestion points: Local Markdown files and code excerpts referenced in SKILL.md.
- Boundary markers: Absent; there are no specific instructions for the agent to use delimiters or ignore embedded content.
- Capability inventory: The skill utilizes shell command execution (dart) to process the site content.
- Sanitization: Content validation and formatting are deferred to the
dash_sitecommand-line tool.
Audit Metadata