local-ci
Pass
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes shell commands such as
pnpm run ci:localandpnpm exec turbo runto mirror CI jobs locally. This behavior is expected as part of its primary functionality.\n- [PROMPT_INJECTION]: The skill has an indirect prompt injection surface.\n - Ingestion points: Repository source code and pull request details used to select jobs.\n
- Boundary markers: Absent; there are no delimiters to separate untrusted repository content from instructions.\n
- Capability inventory: Command execution via package manager scripts and Turbo (SKILL.md).\n
- Sanitization: Absent; the skill does not validate or sanitize repository data before use in command construction.
Audit Metadata