configure-workflows
Pass
Audited by Gen Agent Trust Hub on Apr 20, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes dynamic context injection (using the !
commandsyntax) in the SKILL.md frontmatter to automatically discover the project's directory structure and configuration files upon loading. These commands (e.g.,find) are benign and used solely for environment discovery. - [EXTERNAL_DOWNLOADS]: To ensure compliance with modern standards, the skill fetches action version information from the official release pages of various GitHub and Docker organizations. This is a standard administrative task for CI/CD maintenance.
- [REMOTE_CODE_EXECUTION]: The skill provides a template for an 'Auto-fix' workflow that incorporates the
anthropics/claude-code-action. This autonomous agent pattern is designed to resolve CI failures and is sourced from a trusted organization. - [PROMPT_INJECTION]: The provided 'Claude Auto-fix' workflow template defines an indirect prompt injection surface because it processes CI failure logs (untrusted external data) and passes them to an LLM-driven action with repository write permissions. The template includes safety mitigations such as loop prevention and instructions for manual review.
Audit Metadata