pr-body-generator

Pass

Audited by Gen Agent Trust Hub on Apr 7, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes shell commands such as git diff --stat and git diff --name-only to gather information about code changes. These commands are benign and necessary for the skill's stated purpose of PR generation.
  • [PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection as it processes untrusted data (git diff output) without explicit boundary markers or sanitization. However, this is a standard risk for analysis-based skills and is considered safe within this context.
      • Ingestion points: Git diff output processed in Step 0 and Step 1.
      • Boundary markers: Absent; no specific instructions are provided to the agent to ignore instructions embedded within the code changes.
      • Capability inventory: Shell execution (git) and text generation.
      • Sanitization: No sanitization of the code diff content is performed.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 7, 2026, 07:15 AM