pr-finalize
Pass
Audited by Gen Agent Trust Hub on Feb 25, 2026
Risk Level: SAFE
Full Analysis
- Standard Tool Usage: The skill utilizes `gh` (GitHub CLI) and `git` commands to fetch PR information and diffs. These tools are used appropriately for code review and documentation purposes within the expected scope of a PR finalization agent.
- Data Access Patterns: It reads PR content, including titles, descriptions, and commit messages. While this involves processing external data, the skill includes strict guidelines against taking automated actions like approving or commenting directly, ensuring human-in-the-loop control.
- Trusted External Resources: The skill references documentation and testing guidelines within the Cloudflare-recognized `dotnet` organization on GitHub. These are official resources related to the skill's primary purpose.
- Indirect Prompt Injection Surface: Since the skill analyzes user-submitted PR content, there is an inherent surface for indirect prompt injection where instructions could be hidden in PR descriptions or code comments. However, the skill's 'analysis-only' constraint and lack of automated execution capabilities on that data effectively mitigate this consideration.
Audit Metadata