Skills
skills/onekeyhq/app-monorepo/1k-monitor-pr-ci/Gen Agent Trust Hub

1k-monitor-pr-ci

Pass

Audited by Gen Agent Trust Hub on Feb 27, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes the GitHub CLI (gh) and Git commands to fetch pull request metadata, CI status, and logs. It also has the capability to modify the local filesystem and push changes back to the remote repository.
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection by design, as it ingests and processes external, untrusted content.
  • Ingestion points: Retrieves PR comments via gh api and fetches CI failure logs using gh run view --log-failed.
  • Boundary markers: The workflow does not specify delimiters or instructions to ignore embedded commands within the fetched comments or logs.
  • Capability inventory: The agent can perform file system writes to 'fix the code', execute git commit, and perform git push to the repository.
  • Sanitization: There is no mention of sanitization or validation of the text retrieved from GitHub before it is used to determine code changes.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 27, 2026, 12:45 AM