audit-asc-pr

Pass

Audited by Gen Agent Trust Hub on Jul 3, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructions involve building a binary and executing realistic invocations against it to verify code changes in a pull request branch.
  • [EXTERNAL_DOWNLOADS]: Fetches pull request metadata, commits, and thread-aware review states using the GitHub GraphQL API.
  • [PROMPT_INJECTION]: The skill processes untrusted pull request data which may contain malicious instructions.
  • Ingestion points: PR body, commit messages, review comments, and the AGENTS.md file.
  • Boundary markers: The instructions do not specify explicit delimiters or markers to isolate untrusted PR content from the agent's core instructions.
  • Capability inventory: Pushing code to pull request branches, building and executing binaries, and interacting with the App Store Connect API.
  • Sanitization: No explicit sanitization or filtering of the ingested pull request content is described.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 3, 2026, 02:43 AM
Security Audit — agent-trust-hub — audit-asc-pr