pr
Pass
Audited by Gen Agent Trust Hub on May 8, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface as it ingests untrusted repository content to generate PR titles and descriptions.
  - Ingestion points: .github/pull_request_template.md, git log, git diff, and gh issue list.
  - Boundary markers: None specified in the instructions.
  - Capability inventory: git push and gh pr create.
  - Sanitization: No sanitization or validation of the ingested data is described before use in commands.
- [COMMAND_EXECUTION]: The skill relies on local git and gh commands for source control and pull request management. These operations are within the scope of the skill's primary purpose and use standard CLI arguments based on the user's environment.