release-health-gates
Pass
Audited by Gen Agent Trust Hub on Apr 13, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: Potential for indirect prompt injection via ingestion of external GitHub metadata.
- Ingestion points: The skill reads data from GitHub API endpoints including check-suites, deployments, and issues in modules/quality-signals.md.
- Boundary markers: The instructions do not define delimiters or isolation markers to separate external data from the agent's prompt context.
- Capability inventory: The skill interacts with the minister-tracker tool and formats markdown for deployment PRs.
- Sanitization: No explicit sanitization or validation of content retrieved from GitHub is specified.
Audit Metadata