simplify-and-harden-ci

Pass

Audited by Gen Agent Trust Hub on Mar 11, 2026

Risk Level: SAFE | EXTERNAL_DOWNLOADS | PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill installs the gh-aw extension and an official GitHub Action to set up the CLI. These resources originate from the trusted 'github' organization.
  • [PROMPT_INJECTION]: As the skill reviews code changes in pull requests, it is exposed to untrusted input that could attempt indirect prompt injection. However, security risks are managed through instructions that limit the agent to a 'headless' reporting mode and strictly forbid file mutations.
    • Ingestion points: Review of changed files in pull requests as specified in the Prompt Template (SKILL.md).
    • Boundary markers: No specific delimiters are used to wrap the untrusted code content being analyzed.
    • Capability inventory: The agent can post pull request comments, write issues, and fail CI runs based on severity findings (SKILL.md, workflow-example.md).
    • Sanitization: No sanitization or validation of the ingested code is implemented prior to processing.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 11, 2026, 12:16 AM