skills/coralogix/cx-cli/create-pr/Gen Agent Trust Hub

create-pr

Pass

Audited by Gen Agent Trust Hub on May 6, 2026

Risk Level: SAFE [COMMAND_EXECUTION] [PROMPT_INJECTION]
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes standard git and gh (GitHub CLI) commands to inspect repository history, check remote status, and create pull requests. These are well-known developer tools and their use is consistent with the skill's stated purpose.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it incorporates untrusted data from the git environment into the prompt used to generate PR content.
    • Ingestion points: The skill reads git commit history (git log) and code changes (git diff) from the local repository in SKILL.md.
    • Boundary markers: There are no markers or delimiters used to separate the ingested git data from the agent's instructions, nor are there instructions to ignore embedded commands within that data.
    • Capability inventory: The agent has the capability to execute git push and gh pr create based on its analysis of the ingested data.
    • Sanitization: No sanitization, validation, or escaping is performed on the commit messages or diff content before they are used to generate the PR summary.
Audit Metadata
Risk Level: SAFE
Analyzed: May 6, 2026, 08:29 AM