commit-push-pr

Pass

Audited by Gen Agent Trust Hub on May 14, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill implements a 'Pre-commit safety' mechanism that prevents the staging of sensitive files like .env, .pem, id_rsa, and other credential-related patterns, reducing the risk of accidental data exposure.
  • [SAFE]: A human-in-the-loop security pattern is enforced; the skill is instructed to show drafts of the issue, commit message, and pull request body to the user and wait for explicit approval before proceeding with execution.
  • [SAFE]: The skill utilizes standard, well-known development tools (git and the GitHub CLI gh) and employs safe command construction patterns, such as using HEREDOCs to prevent command injection when handling multi-line strings.
  • [SAFE]: All external interactions are restricted to the local filesystem (via git) and the official GitHub API (via the gh tool), with no detected attempts to communicate with unauthorized or suspicious third-party domains.
Audit Metadata
Risk Level: SAFE
Analyzed: May 14, 2026, 11:33 PM