implement-to-merge-ready
Pass
Audited by Gen Agent Trust Hub on Jun 13, 2026
Risk Level: SAFECOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill processes repository files (e.g.,
AGENTS.md) and pull request comments, which presents an indirect prompt injection surface. These inputs inform implementation and verification actions.\n - Ingestion points:
AGENTS.md, source code,git status, and PR comments.\n - Boundary markers: No specific markers or instructions to isolate these inputs are present.\n
- Capability inventory: File system access, script execution, and GitHub API interactions.\n
- Sanitization: No explicit sanitization of ingested content.\n- [COMMAND_EXECUTION]: The workflow requires executing local repository commands for testing, linting, and building, which are defined by the project's environment.\n- [DATA_EXFILTRATION]: The skill transmits code and repository data to GitHub and remote git servers during the pull request lifecycle.
Audit Metadata