ah-create-pr

Pass

Audited by Gen Agent Trust Hub on Mar 27, 2026

Risk Level: SAFE
COMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill automates repository workflows using git, gh, and pnpm. It follows security best practices for shell command construction, such as using quoted heredocs (cat <<'EOF') to prevent shell injection when passing generated Pull Request bodies to the GitHub CLI. Commands are constrained to repository management and quality assurance.
  • [DATA_EXFILTRATION]: The skill instructions involve reading .env files to identify missing configuration keys or security risks as part of a pre-flight check. This data is used locally to provide feedback to the user and is not transmitted to external or untrusted domains.
  • [PROMPT_INJECTION]: The skill ingests untrusted data from the repository's git diff and git log to generate descriptive PR summaries. This inherent risk is mitigated by the tool's focused scope and the use of structured templates.
      • Ingestion points: Context is gathered from local git diff and git log outputs.
      • Boundary markers: The process uses a predefined Markdown template and clear procedure steps to delineate data from instructions.
      • Capability inventory: Execution is limited to git push, gh pr create, and gh pr edit across SKILL.md.
      • Sanitization: The skill relies on safe shell interpolation and the agent's ability to distinguish code from descriptive text within its defined structure.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 27, 2026, 01:36 AM