push
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- Command Execution via Local Build Tools: The skill executes
make -C elixir allandmix pr_body.check. These commands are standard in development environments for validating code quality and checking pull request descriptions before they are finalized.- Integration with External Services: The skill uses theghCLI andgitto interact with GitHub. This involves standard network operations for pushing code changes and managing repository metadata on GitHub's platform.- Indirect Prompt Injection Surface: The skill ingests external data by reading pull request bodies and template files. This content is used to inform the agent's PR updates. While this is a necessary part of the workflow, it represents a surface where the agent processes text from the repository that could contain embedded instructions.
Audit Metadata