Skills
skills/laurigates/claude-plugins/ci-autofix-reusable/Gen Agent Trust Hub

ci-autofix-reusable

Pass

Audited by Gen Agent Trust Hub on Mar 9, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The generated GitHub Actions workflows depend on the anthropics/claude-code-action@v1 and actions/checkout@v4 actions, which are hosted on trusted and well-known repositories.
  • [COMMAND_EXECUTION]: The skill uses the GitHub CLI (gh) and git commands via the Bash tool to inspect repository state, check for secrets, and validate workflow files during the setup phase.
  • [DATA_EXFILTRATION]: The automated workflow templates use gh run view --log-failed to retrieve failure logs. These logs are processed locally by the AI action but contain sensitive project operational details.
  • [PROMPT_INJECTION]: The skill creates an automated process that ingests untrusted CI logs and has the capability to modify code via Pull Requests.
  • Ingestion points: CI logs and job summaries are read into the model context in the generated workflow steps defined in REFERENCE.md.
  • Capability inventory: The workflow templates request contents: write, pull-requests: write, and issues: write permissions, enabling the agent to commit changes and create PRs.
  • Boundary markers: The instructions in REFERENCE.md structure the task but do not include explicit separators or warnings to ignore commands embedded within the log data.
  • Sanitization: There is no evidence of log sanitization before processing, relying on the model's internal safety filters to ignore potential malicious content in logs.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 9, 2026, 08:12 PM