stale-pr-reminder
Pass
Audited by Gen Agent Trust Hub on May 12, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No security issues were detected. The skill performs read-only operations on Gitee repositories to identify inactive pull requests based on timestamps.
- [INDIRECT_PROMPT_INJECTION]: The skill ingests untrusted data in the form of pull request titles and comments from Gitee repositories.
- Ingestion points: Pull request metadata (titles) and comments are retrieved via `get_pull_detail` and `list_pull_comments` (SKILL.md).
- Boundary markers: Absent. The skill does not explicitly instruct the agent to ignore instructions embedded in the PR content.
- Capability inventory: The skill only uses Gitee read tools (`list_repo_pulls`, `get_pull_detail`, `list_pull_comments`) and does not possess capabilities for file writing, code execution, or non-Gitee network operations.
- Sanitization: Absent. PR data is processed as-is.
- Note: While the ingestion surface exists, the lack of dangerous tools makes the risk of this indirect injection negligible.
Audit Metadata