open-source-contributions
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill includes shell scripts (pre-pr-check.sh and clean-branch.sh) and a companion agent (pr-prepare.md) that execute standard development commands such as git, npm, npx, and grep. These tools are used for local repository maintenance, quality assurance checks, and preparing code for PR submission.
- [PROMPT_INJECTION]: The pr-prepare agent exhibits an indirect prompt injection surface as it is designed to analyze local project documentation and configuration files. Ingestion points: local files such as CONTRIBUTING.md, package.json, and README.md. Boundary markers: absent. Capability inventory: execution of bash, npm, and git commands. Sanitization: absent. This surface is necessary for the skill's functionality and is managed by the agent's limited instructional scope.
- [SAFE]: The documentation includes dummy examples of hardcoded secrets (e.g., in assets/bad-pr-example.md) to demonstrate common security pitfalls and educate users on what to exclude from their contributions. These examples are non-functional and serve a purely educational purpose.
Audit Metadata