pr-test-analyzer
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFE, PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface because it reads and processes external, untrusted content from pull requests while having access to system tools.
  - Ingestion points: The skill reads pull request diffs and source code files using the 'Read', 'Glob', and 'Bash' tools.
  - Boundary markers: No specific delimiters or instructions (like XML tags or triple quotes) are provided to isolate untrusted data from the agent's instructions.
  - Capability inventory: The agent is permitted to use high-capability tools including 'Bash' and 'Task', which can be used to execute commands or modify the environment.
  - Sanitization: There is no defined process for sanitizing or validating the contents of the files read from the pull request before they are analyzed.
Audit Metadata