audit-asc-pr
Pass
Audited by Gen Agent Trust Hub on Jul 3, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill instructions involve building a binary and executing realistic invocations against it to verify code changes in a pull request branch.
- [EXTERNAL_DOWNLOADS]: Fetches pull request metadata, commits, and thread-aware review states using the GitHub GraphQL API.
- [PROMPT_INJECTION]: The skill processes untrusted pull request data which may contain malicious instructions.
- Ingestion points: PR body, commit messages, review comments, and the AGENTS.md file.
- Boundary markers: The instructions do not specify explicit delimiters or markers to isolate untrusted PR content from the agent's core instructions.
- Capability inventory: Pushing code to pull request branches, building and executing binaries, and interacting with the App Store Connect API.
- Sanitization: No explicit sanitization or filtering of the ingested pull request content is described.
Audit Metadata