Skills
skills/dolesshq/self-obsolescence/gh-pr-clean-loop/Gen Agent Trust Hub

gh-pr-clean-loop

Pass

Audited by Gen Agent Trust Hub on Apr 24, 2026

Risk Level: SAFECOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The helper script scripts/pr_health.py executes the gh command-line tool via the subprocess.run function to query repository information, pull request status, CI checks, and to resolve review threads.
  • [DATA_EXFILTRATION]: The skill instructions direct the agent to perform git push operations to update remote branches on GitHub, which is an intended functionality of the skill to synchronize local fixes.
  • [PROMPT_INJECTION]: The skill processes untrusted data from GitHub pull request review comments, creating a surface for indirect prompt injection. This is an inherent part of the task but is managed by instructions to perform verification.
  • Ingestion points: The fetch_threads function in scripts/pr_health.py retrieves the body text of unresolved review comments.
  • Boundary markers: There are no specific delimiters used to isolate comment content from the agent's instructions.
  • Capability inventory: The agent has the capability to write to the local filesystem, execute build and test commands, and perform git operations.
  • Sanitization: The review comment content is processed as raw text without explicit filtering.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 24, 2026, 03:51 AM