prowler-ci
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [Prompt Injection] (LOW): Indirect Prompt Injection Surface. The skill is designed to read, analyze, and edit GitHub Action workflows and PR metadata which may contain untrusted data from external contributors.
- Ingestion points: Workflow files (
.github/workflows/*), PR templates, PR titles, and changelogs. - Boundary markers: None. The instructions do not define delimiters or warn the agent to ignore instructions embedded within the files it analyzes.
- Capability inventory: The skill allows the use of
Bash,Write, andEdit, which could be exploited if an attacker embeds malicious instructions in a PR that the agent executes while 'debugging' a failure. - Sanitization: None present.
- [Credentials Unsafe] (SAFE): The skill mentions common API key formats (AWS, OpenAI, GitHub) and includes a placeholder key (
sk-test1234567890...). These are correctly identified as documentation for the TruffleHog secret scanner and do not constitute a credential leak.
Audit Metadata