Skills
skills/universokobana/sdlc-agent-skills/fix-github-pr/Gen Agent Trust Hub

fix-github-pr

Pass

Audited by Gen Agent Trust Hub on Feb 25, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection by ingesting untrusted data from external sources.
  • Ingestion points: Fetches PR comments via gh api and CI logs via gh run view.
  • Boundary markers: Lacks explicit delimiters or instructions to ignore potential commands within the fetched content.
  • Capability inventory: Includes file system modification, git commits/pushes, and shell command execution (bundle exec rspec).
  • Sanitization: No sanitization of external text is performed before the agent evaluates and implements requested changes.
  • [COMMAND_EXECUTION]: The skill performs several shell operations using git, gh, and bundle exec. This includes creating worktrees, committing code, and executing the Ruby test suite (rspec), which may run code provided within the Pull Request.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 25, 2026, 06:07 PM