pr-prep

Pass

Audited by Gen Agent Trust Hub on Apr 13, 2026

Risk Level: SAFE, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [SAFE]: No malicious behavior detected. The skill automates standard PR preparation tasks like running tests and linting.
  • [COMMAND_EXECUTION]: The skill invokes local project commands such as make, npm, and pytest to execute quality gates before PR creation.
  • [EXTERNAL_DOWNLOADS]: Utilizes modular dependencies (e.g., sanctum:git-workspace-review, scribe:slop-detector) for shared functionality and content validation.
  • [DATA_EXFILTRATION]: The skill records execution details, including commands and file paths, to a local audit log file (/tmp/skill-audit.log) for tracking progress.
  • [PROMPT_INJECTION]: The skill processes potentially untrusted data from git history and diffs.
      • Ingestion points: Git diff output and file contents are read to generate summaries in SKILL.md (Step 3).
      • Boundary markers: The instructions do not define delimiters to isolate diff content from task instructions.
      • Capability inventory: Access to Bash for command execution and Write for file modifications.
      • Sanitization: Ingested git data is processed without explicit sanitization or filtering.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 13, 2026, 11:26 PM