acc-analyze-ci-config
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOW, NO_CODE
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill defines a process for analyzing untrusted external configuration files (GitHub Actions and GitLab CI). While this is a surface for indirect injection, the risk is mitigated by the skill's limited capabilities, which are restricted to generating analysis reports and text-based suggestions.
- [Prompt Injection] (SAFE): No patterns were found indicating attempts to override agent behavior, bypass safety protocols, or leak system prompts.
- [Data Exposure] (SAFE): The skill contains illustrative examples of exposed secrets for educational detection, but no functional hardcoded credentials or unauthorized data access paths exist.
- [Remote Code Execution] (SAFE): There are no external downloads, package installations, or dynamic execution patterns present in the skill's Markdown-only content.