changelog

Pass

Audited by Gen Agent Trust Hub on Mar 12, 2026

Risk Level: SAFE
[COMMAND_EXECUTION] [EXTERNAL_DOWNLOADS] [PROMPT_INJECTION]
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the gh CLI tool to interact with GitHub repositories, fetch PR descriptions, and analyze labels.
  • [EXTERNAL_DOWNLOADS]: The skill interacts with GitHub APIs to retrieve pull request and issue data. It also provides documentation for using curl to send data to external Discord webhooks.
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection. It ingests PR titles, descriptions, and issue context from GitHub (untrusted external data) and processes this content into a summary. The prompt lacks boundary markers (e.g., XML tags or delimiters) and does not explicitly instruct the agent to ignore instructions embedded within the PR data it analyzes.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 12, 2026, 03:33 PM