contributing
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- Standard Development Commands: The skill includes instructions for running project-specific scripts and build tools, such as
./local-env-setup.shand./gradlew. These are standard components of the Apache Beam build system and are intended for use within the project's development environment. - Trusted Resource References: The skill directs users and agents to official Apache Software Foundation domains (e.g., beam.apache.org, s.apache.org, and the apache/beam GitHub repository) for documentation, issue tracking, and collaboration. These are well-known, trusted locations for open-source development.
- Automated Workflow Integration: The use of trigger phrases for issue management (e.g.,
.take-issue) and test execution (e.g.,retest this please) reflects standard automation practices used by the Apache Beam community to manage large-scale contributions efficiently. - Indirect Data Processing: As the skill involves interacting with external content like GitHub issues and pull requests, it is a best practice for agents to handle such content as untrusted data to mitigate the potential for indirect prompt injection from external sources.
Audit Metadata