fix-pr
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFENO_CODEPROMPT_INJECTION
Full Analysis
- [NO_CODE]: The skill consists entirely of descriptive Markdown files and metadata. No executable scripts (Python, JavaScript, shell) or binary files are included in the package.
- [PROMPT_INJECTION]: The skill is designed to process external Pull Request comments, which creates a surface for indirect prompt injection. 1. Ingestion points: PR comments and reviewer feedback from GitHub. 2. Boundary markers: None identified in the documentation. 3. Capability inventory: Code modification and PR updates (implied by the skill description). 4. Sanitization: Not applicable as no implementation code is present in this skill.
Audit Metadata