acc-generate-ci-fix
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOWNO_CODE
Full Analysis
- No Code (SAFE): The skill contains only markdown documentation. There are no executable scripts (.sh, .py, .js), configuration files that trigger execution, or binary files. All commands provided are in the form of code blocks intended for human or AI reference to generate templates for CI configuration files.
- Indirect Prompt Injection (INFO): The skill is designed to process external content (CI logs and error patterns) to suggest fixes. While this is an ingestion point for untrusted data, the skill acts as a static knowledge base and does not include autonomous execution logic. Any risk would reside in the downstream agent's implementation and level of autonomy when applying the suggested fixes.
- Command Execution (SAFE): The documentation mentions high-privilege commands like 'sudo rm -rf' and 'chmod +x'. However, these are standard patterns for cleaning up virtual environments in ephemeral CI runners (GitHub Actions) and are presented as templates for reference, not as commands executed by the skill itself.
- Credential Exposure (SAFE): The templates include 'MYSQL_ROOT_PASSWORD: root'. This is a standard default for local testing environments and does not represent a leak of production credentials or secrets.
Audit Metadata