pr-to-lint-rule
Pass
Audited by Gen Agent Trust Hub on Apr 2, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection by processing untrusted natural language descriptions via the
$ARGUMENTSparameter to generate code and documentation. - Ingestion points: The skill accepts user-supplied text for the PR feedback description in
SKILL.md. - Boundary markers: There are no explicit delimiters or instructions to the model to ignore potential commands embedded within the user input.
- Capability inventory: The skill provides the agent with the ability to create new source files (e.g.,
eslint-rules/,clippy.toml) and append content toCLAUDE.md. - Sanitization: No input validation is performed on the provided description before it is used to generate file content.
- Risk mitigation: The skill explicitly instructs the agent to present all generated content to the user and request permission before writing any files, maintaining a human-in-the-loop requirement that mitigates the risk of unauthorized file modifications.
Audit Metadata