ci-watchdog

Pass

Audited by Gen Agent Trust Hub on May 13, 2026

Risk Level: SAFE, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is vulnerable to Indirect Prompt Injection as it processes untrusted data from external CI logs.
      • Ingestion points: Untrusted data enters the agent context through CI logs fetched via gh run view --log-failed and check outputs parsed by scripts/parse_failures.py.
      • Boundary markers: The skill lacks delimiters or specific instructions to ignore embedded commands within the log data it processes.
      • Capability inventory: The agent is authorized to modify the codebase (file writes), execute shell commands (diagnostics and builds), and perform git operations including push.
      • Sanitization: There is no evidence of sanitization, filtering, or validation of the content retrieved from CI logs before it is analyzed for fixes.
  • [COMMAND_EXECUTION]: The skill relies on executing various shell commands to perform its core functions.
      • Evidence: Uses gh pr checks, gh run view, and python3 scripts/parse_failures.py for monitoring. It also suggests running diagnostic tools like pyright or test runners based on the failures detected.
Audit Metadata
Risk Level: SAFE
Analyzed: May 13, 2026, 05:50 PM