Skills
skills/michael-f-bryan/skills/wait-for-ci/Gen Agent Trust Hub

wait-for-ci

Pass

Audited by Gen Agent Trust Hub on Mar 10, 2026

Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill provides documentation for executing the gh (GitHub CLI) tool to monitor workflow status. This is a standard developer operation and uses documented flags like --exit-status and --compact.
  • [SAFE]: No indicators of malicious activity such as credential exfiltration, persistence, or privilege escalation were found. The resource (GitHub) is a well-known service, and the author's instructions align with its intended use.
  • [PROMPT_INJECTION]: The skill includes an indirect prompt injection surface because it reads external GitHub Action logs which could theoretically contain malicious instructions. This risk is inherent to the monitoring task. Ingestion points: GitHub Action logs via gh run watch (SKILL.md). Boundary markers: Absent. Capability inventory: Terminal command execution (gh). Sanitization: Absent.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 10, 2026, 03:30 AM