pr-analysis
Pass
Audited by Gen Agent Trust Hub on Jun 13, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill uses a defined MCP server (harness-mcp-v2) to interact with Harness APIs. This execution environment is controlled and scoped to pipeline management tasks.
- [SAFE]: The security review functionality is an instructional checklist for the AI to follow when evaluating code changes. It does not introduce vulnerabilities but rather guides the agent in identifying potential issues like hardcoded secrets or dependency CVEs in the user's PR.
- [SAFE]: Data access is limited to resource listings (pipelines, triggers, executions) within specified organizations and projects, which is necessary for its stated purpose.
Audit Metadata