monitor-ci
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes Git commands, Nx CLI tools, and local Node.js scripts to manage the CI monitoring lifecycle and apply code changes.
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by processing external CI task outputs and failure summaries that could potentially contain malicious instructions. Ingestion points: CI status and task metadata from Nx Cloud. Boundary markers: None used to isolate CI data. Capability inventory: Shell execution (Bash), file writing, and Git push capabilities. Sanitization: No specific filtering of ingested CI data before processing.
Audit Metadata