finalize
Pass
Audited by Gen Agent Trust Hub on Mar 29, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill identifies and executes local validation tools such as typecheckers, linters, and test suites to ensure code quality as part of the final pass (SKILL.md).
- [PROMPT_INJECTION]: The skill processes untrusted input from pull request comments and modified source code, creating an indirect prompt injection surface.
- Ingestion points: Modified files and PR feedback comments (SKILL.md).
- Boundary markers: Absent.
- Capability inventory: File modification, git repository management, and shell command execution for builds and tests.
- Sanitization: The skill mitigates risks through explicit safety rails that require user approval for non-reversible actions like merging or deploying.
Audit Metadata