dependabot-review
Pass
Audited by Gen Agent Trust Hub on Apr 3, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill automates repository management using the GitHub CLI (gh). It performs read operations (list, checks) and write operations (merge) based on predefined logic.
- [PROMPT_INJECTION]: The skill processes external data (pull request titles and branch names) from the GitHub API, creating an indirect prompt injection surface.
- Ingestion points: JSON output from the
gh pr listcommand. - Boundary markers: Not explicitly defined in instructions.
- Capability inventory: Execution of
gh pr mergeandgh pr checksbased on processed data. - Sanitization: The skill implements strict author filtering, only acting on PRs from the verified dependabot bot account.
- [DATA_EXFILTRATION]: No sensitive data access or unauthorized network transfers were detected. Network operations are limited to the official GitHub API via the standard CLI tool.
- [EXTERNAL_DOWNLOADS]: The skill does not download or execute any remote scripts, binaries, or untrusted third-party dependencies.
Audit Metadata