coderabbit-multi-env-setup
Pass
Audited by Gen Agent Trust Hub on Apr 4, 2026
Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION, EXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill includes Bash scripts and commands for repository management using Git and the GitHub CLI. These are used to switch branches, commit configuration files, and set repository-level branch protection rules.
- [PROMPT_INJECTION]: The skill configures custom instructions for the CodeRabbit AI agent. This establishes an indirect prompt injection surface where the agent's behavior is influenced by instructions retrieved from repository configuration files.
  - Ingestion points: Pull request content and metadata processed by CodeRabbit (referenced in SKILL.md).
  - Boundary markers: Not present in the provided configuration examples.
  - Capability inventory: The configured agent has the ability to post comments and manage PR status on GitHub.
  - Sanitization: The skill does not include mechanisms for sanitizing the data processed by the external agent.
- [EXTERNAL_DOWNLOADS]: References official documentation and configuration guides from CodeRabbit and GitHub.