Skills
skills/firecrawl/skills/gh-fix-ci/Gen Agent Trust Hub

gh-fix-ci

Pass

Audited by Gen Agent Trust Hub on Mar 14, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes subprocess.run in the inspect_pr_checks.py script to execute git and gh (GitHub CLI) commands. This is necessary to resolve repository details, check PR status, and fetch CI logs. Commands are executed using a list of arguments rather than a shell string, preventing command injection vulnerabilities.
  • [PROMPT_INJECTION]: The skill ingests and analyzes GitHub Action logs which are external, untrusted sources of data. This constitutes an indirect prompt injection surface.
  • Ingestion points: scripts/inspect_pr_checks.py fetches log content via gh run view and gh api.
  • Boundary markers: No explicit delimiters are used to separate ingested logs from agent instructions.
  • Capability inventory: The agent is instructed to summarize failures and propose/implement fix plans, involving file writes and command execution.
  • Sanitization: No sanitization or filtering of log content is performed before it is processed by the agent. This surface is considered safe in this context because the workflow enforces explicit user approval before implementation.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 14, 2026, 08:24 PM