pr-test-analyzer
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION] (LOW): The skill is susceptible to indirect prompt injection as it processes untrusted data from pull requests.
  1. Ingestion points: Code changes and file contents retrieved via the git diff command in Bash and the Read tool.
  2. Boundary markers: Absent; there are no delimiters or instructions to ignore embedded commands within the analyzed PR data.
  3. Capability inventory: The skill has access to Bash (command execution), Read (file access), and Glob/Grep.
  4. Sanitization: Absent; no validation or escaping of the PR content is performed before it is analyzed by the model.