pr-resolver
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- Indirect Prompt Injection (LOW): The file describes a workflow for processing untrusted data from GitHub PR comments.
- Ingestion points: GitHub PR comments and suggestions accessed via gh api graphql as described in references/github_api_reference.md.
- Boundary markers: None. The guide lacks instructions to distinguish between valid suggestions and malicious prompt overrides embedded in comments.
- Capability inventory: The workflow utilizes git (commit/push), gh CLI (mutations), and shell execution for linting/fixing tools.
- Sanitization: None. The guide encourages direct extraction and application of code from user-provided suggestion blocks.
Audit Metadata