verify-and-ship

Pass

Audited by Gen Agent Trust Hub on Apr 15, 2026

Risk Level: SAFE
PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill uses the get_issue tool to ingest external issue descriptions and instructions. This content is then used to check whether the implementation satisfies the issue, which creates a surface for indirect prompt injection: an attacker could influence agent behavior via issue text.
    • Ingestion points: External data enters the context via the get_issue tool in SKILL.md Section 1.
    • Boundary markers: Absent; there are no instructions to use delimiters or ignore embedded instructions within the ingested issue data.
    • Capability inventory: The skill possesses capabilities for repository manipulation (git push), pull request management (gh pr create, glab mr create), and execution of local scripts (tests, linting, type checking).
    • Sanitization: Absent; the skill does not specify any validation or filtering of the content retrieved from the issue tracker.
  • [COMMAND_EXECUTION]: The skill executes various shell-based developer tools including git, GitHub CLI (gh), and GitLab CLI (glab). It also triggers project-specific quality check scripts (tests, lint, typecheck) as part of its primary function. These operations are within the expected scope of a development automation skill.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 15, 2026, 02:06 PM