Skills
skills/mizchi/chezmoi-dotfiles/gh-fix-ci/Gen Agent Trust Hub

gh-fix-ci

Pass

Audited by Gen Agent Trust Hub on Apr 18, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses git and gh (GitHub CLI) to retrieve PR logs and status information. Analysis of scripts/executable_inspect_pr_checks.py confirms that commands are executed using argument lists via subprocess.run, which prevents shell injection vulnerabilities.- [PROMPT_INJECTION]: The skill processes untrusted GitHub Action logs, which presents a surface for indirect prompt injection. This risk is appropriately mitigated by the skill's design, which requires explicit user approval before the agent implements any suggested fixes.
  • Ingestion points: PR logs are fetched in scripts/executable_inspect_pr_checks.py (lines 218 and 231).
  • Boundary markers: The logs are processed as raw text windows without specific delimiters for the LLM.
  • Capability inventory: The skill allows the agent to propose and apply code changes after user confirmation.
  • Sanitization: Logs are trimmed for context but are not filtered for malicious instructions.- [SAFE]: No indicators of data exfiltration, credential harvesting, or malicious persistence were found in the scripts or instructions.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 18, 2026, 03:13 PM