Skills
skills/flitzrrr/opencode-processing-skills/fix-ci/Gen Agent Trust Hub

fix-ci

Pass

Audited by Gen Agent Trust Hub on Mar 3, 2026

Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill interacts with the GitHub CLI (gh) to retrieve run statuses and logs, and executes standard development commands such as npm test, pytest, and git push to diagnose and apply fixes. These operations are expected for a CI maintenance tool.- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection due to its reliance on untrusted external data from CI logs.
  • Ingestion points: Log data is ingested via gh run view --log-failed as specified in SKILL.md.
  • Boundary markers: Delimiters or safety instructions to isolate log content from the agent's internal logic are absent.
  • Capability inventory: The agent has the ability to execute terminal commands, modify files, and push to remote repositories (SKILL.md).
  • Sanitization: No sanitization or validation of the log content is performed before processing.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 3, 2026, 08:34 AM