pr-create

Pass

Audited by Gen Agent Trust Hub on Jun 15, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: Employs git and gh (GitHub CLI) to perform branch management and interact with GitHub's PR API as described in SKILL.md.
  • [PROMPT_INJECTION]: Potential surface for indirect prompt injection via the optional <theme> parameter.
  • Ingestion points: User-provided input <theme> used in the PR creation and update logic in SKILL.md.
  • Boundary markers: Content is placed within <!-- BM_INFOGRAPHIC_THEME:start --> and <!-- BM_INFOGRAPHIC_THEME:end --> blocks in the PR body.
  • Capability inventory: The skill possesses capabilities to modify PR descriptions and monitor status checks via gh commands.
  • Sanitization: There is no evidence of filtering or sanitization applied to the <theme> string before interpolation into the PR description.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 15, 2026, 02:33 PM
Security Audit — agent-trust-hub — pr-create