openclaw-pr-maintainer

Pass

Audited by Gen Agent Trust Hub on Jun 23, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill implements a workflow for maintainers to triage and manage GitHub issues and pull requests. It includes explicit security instructions for the agent to prevent command injection vulnerabilities. For instance, it requires using single-quoted heredocs (`-F
  • <<'EOF'`) when generating GitHub comments to ensure that untrusted content from issue bodies or PR titles is not interpreted as shell commands. The skill also establishes a 'bug-fix evidence bar' to prevent speculative or unverified code changes and includes safety confirmation prompts for bulk actions affecting multiple items. All tool usage (Git and GitHub CLI) is aligned with standard development practices and does not involve accessing sensitive credentials or performing unauthorized network operations.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 23, 2026, 06:06 AM
Security Audit — agent-trust-hub — openclaw-pr-maintainer