coderabbit-interactions

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE
Full Analysis
  • SAFE (SAFE): No malicious instructions, hardcoded credentials, or obfuscation were detected in the analyzed SKILL.md file.
  • PROMPT_INJECTION (SAFE): The skill references scripts that ingest PR comments (scripts/export-comments.ts), which is a surface for indirect prompt injection. However, no malicious interpolation or vulnerable logic is present in this file. Evidence: (1) Ingestion: scripts/export-comments.ts (2) Boundary markers: Absent (3) Capability inventory: scripts/reply-to-threads.ts (4) Sanitization: Absent.
  • COMMAND_EXECUTION (SAFE): The skill documentation references CLI integration and local scripts, which is consistent with its stated purpose of automating CodeRabbit interactions.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Feb 17, 2026, 06:25 PM