stack-push
Pass
Audited by Gen Agent Trust Hub on Jun 17, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill executes a series of shell commands using `git` and `gh` (GitHub CLI) to manage local and remote branches. These commands include listing branches, checking commit counts, pushing branches to origin, and creating/commenting on Pull Requests.
- [DATA_EXFILTRATION]: The skill performs network operations specifically targeting GitHub through the `git push` and `gh pr` commands. This is consistent with the skill's primary purpose of PR automation on a well-known service. No sensitive local configuration files (e.g., `.ssh/id_rsa`, `.env`) are accessed or transmitted.
- [INDIRECT_PROMPT_INJECTION]: The skill ingests data from the local environment (specifically git branch names and PR numbers) and interpolates them into PR titles, bodies, and comments. This represents a minor indirect injection surface where malicious branch names could influence the agent's output, though the risk is minimized by the intended use in a controlled developer environment.
- [REMOTE_CODE_EXECUTION]: The skill references external dependencies (e.g., `sanctum:pr-prep`) which are part of the same ecosystem/vendor. It does not download or execute arbitrary scripts from untrusted remote sources.
Audit Metadata