prowler-pr
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- SAFE (SAFE): No malicious behaviors, obfuscation, or unauthorized access patterns were detected. The use of Bash is limited to standard repository management tools (git, gh) and local linting.
- Indirect Prompt Injection (LOW): The skill has a surface for indirect prompt injection because it reads untrusted data from the repository (commit logs and code diffs) to generate PR descriptions.
- Ingestion points: File SKILL.md (via git diff main...HEAD and git log) and references/pr-docs.md.
- Boundary markers: Instructions use Bash heredocs (EOF) to isolate the generated PR body from the command shell.
- Capability inventory: Bash, Write, Edit, WebFetch, WebSearch.
- Sanitization: No explicit sanitization of repository content is performed before interpolation into the PR template.
Audit Metadata