github-commit-and-pr-conventions
Pass
Audited by Gen Agent Trust Hub on May 12, 2026
Risk Level: SAFE
Findings: PROMPT_INJECTION, NO_CODE
Full Analysis
- [PROMPT_INJECTION]: Indirect Prompt Injection Surface. The skill instructs the agent to process repository data, such as code diffs and branch names, to automatically generate commit messages and pull request descriptions. This creates a surface where malicious instructions embedded in the code being committed could influence the agent's output.
- Ingestion points: The skill reads untrusted data from the repository, including file diffs and branch lists, through GitHub MCP tools.
- Boundary markers: There are no explicit boundary markers or instructions to the agent to ignore instructions found within the diffs or repository content.
- Capability inventory: The skill uses tools to perform write operations, including committing changes, pushing to branches, and creating or updating pull requests.
- Sanitization: No sanitization or validation logic is defined to prevent instructions in the code from being interpreted by the agent during the generation of summaries or descriptions.
- [NO_CODE]: The skill consists exclusively of instructional Markdown and YAML frontmatter. It does not include or execute any standalone scripts or binary files, which significantly reduces the direct execution risk.