skills/neonwatty/linkparty/monitor-ci/Gen Agent Trust Hub

monitor-ci

Pass

Audited by Gen Agent Trust Hub on Apr 7, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses a subshell within a command: gh run list --branch $(git branch --show-current). If a branch name is maliciously crafted (e.g., containing semicolons or backticks), it could lead to arbitrary command execution depending on how the underlying platform handles shell expansion.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection by processing external, untrusted data from CI logs.
  • Ingestion points: Failed CI job logs are fetched using gh run view <run-id> --log-failed and provided to the agent for categorization and summarization.
  • Boundary markers: There are no specified delimiters or instructions to ignore potential commands embedded within the log files.
  • Capability inventory: The skill possesses the ability to execute shell commands (gh, git) and read repository state.
  • Sanitization: No sanitization or filtering of the log content is performed before the agent processes and summarizes the data.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 7, 2026, 08:45 PM
Security Audit — agent-trust-hub — monitor-ci