prune-workflows
Pass
Audited by Gen Agent Trust Hub on May 7, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill documents the use of standard CLI tools, specifically
gh(GitHub CLI) andgit, by the underlying MCP server to perform read-only safety checks. These checks verify Pull Request status (gh pr list) and recent commit history (git log) to identify active workflows that should be protected from pruning. - [SAFE]: The skill implements a secure workflow for administrative operations, requiring an initial dry-run to identify candidates followed by a mandatory user confirmation step. This 'human-in-the-loop' design, combined with clear anti-patterns and audit logging (via
workflow.prunedevents), ensures that destructive actions are performed intentionally and transparently.
Audit Metadata