fixing-ci

Pass

Audited by Gen Agent Trust Hub on May 8, 2026

Risk Level: SAFE, PROMPT_INJECTION, NO_CODE
Full Analysis
  • [PROMPT_INJECTION]: The skill involves reading external CI logs, which constitutes an indirect prompt injection surface.
    • Ingestion points: Untrusted data enters the agent context via the gh run view command in SKILL.md.
    • Boundary markers: There are no explicit delimiters or instructions provided to the agent to disregard potential instructions embedded in the log output.
    • Capability inventory: The skill makes use of pnpm (test execution), git (branching and commits), and gh (interaction with GitHub runs).
    • Sanitization: No content sanitization or validation of the log output is specified before the agent evaluates it.
  • [NO_CODE]: The skill does not bundle any custom scripts or binary executables, relying entirely on existing environment tools.
  • [SAFE]: The identified commands (git, pnpm, gh) are used for their intended primary purposes in a standard development workflow, with no patterns suggesting data exfiltration or credential theft.
Audit Metadata
Risk Level: SAFE
Analyzed: May 8, 2026, 11:57 AM