ship
Pass
Audited by Gen Agent Trust Hub on Jul 1, 2026
Risk Level: SAFECOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes local commands including
git,gh, andevoto manage repository state and analyze experiment results. These operations are standard for development workflows and restricted to the current repository context. - [DATA_EXFILTRATION]: Utilizes the
gh pr createcommand to send code and metadata to GitHub. This network operation targets a well-known service and is essential to the skill's purpose, with mandatory user consent required before execution. - [PROMPT_INJECTION]: The skill ingests data from experiment results (hypotheses and scores) and interpolates them into pull request descriptions. This represents an indirect prompt injection surface; however, the risk is mitigated by explicit requirements for user review and confirmation before the pull request is created.
Audit Metadata