grey-haven-pr-template

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE, NO_CODE
Full Analysis
  • Overall Security (SAFE): No security issues detected. The skill is purely informational and template-based.
  • No Executable Code (SAFE): The skill consists entirely of Markdown files (templates and checklists). It does not include any scripts (Python, JavaScript, Shell) or binaries.
  • Tool Configuration (SAFE): The skill defines a set of allowed tools (Bash, Read, Grep, Glob, TodoWrite) for the agent to use when analyzing a repository. No malicious usage of these tools is suggested or implemented within the skill itself.
  • Data Handling (SAFE): The guidelines focus on best practices for internal development (e.g., RLS, multi-tenancy, style guides). There are no hardcoded credentials, sensitive file paths, or network exfiltration attempts.
  • Indirect Prompt Injection Surface (LOW/SAFE): While the skill involves reading and summarizing project code—a potential surface for indirect prompt injection—it does not provide any unsafe interpolation logic or instructions that would cause the agent to execute untrusted code found in the files it reads.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Feb 17, 2026, 06:35 PM