Skills
skills/flora131/atomic/gh-create-pr/Gen Agent Trust Hub

gh-create-pr

Pass

Audited by Gen Agent Trust Hub on Apr 30, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructs the agent to perform standard development tasks using git and the GitHub CLI (gh). These commands (commit, push, pr create) are consistent with the skill's stated purpose of managing pull requests.
  • [DYNAMIC_CONTEXT_INJECTION]: The skill uses the ! syntax in SKILL.md to execute read-only git commands at load time. These commands (e.g., git status, git log, gh pr view) allow the agent to understand the repository state immediately. No sensitive file access or command injection vulnerabilities were detected in these calls.
  • [INDIRECT_PROMPT_INJECTION]: The skill ingests untrusted data from the repository's git logs and diffs. While this presents an inherent attack surface common to development tools, the skill's logic is limited to PR metadata generation, and no malicious exploitation patterns were found.
  • Ingestion points: SKILL.md (via dynamic context injection of git log, git diff, and gh pr view output).
  • Boundary markers: Absent; the agent is instructed to analyze the ingested content directly.
  • Capability inventory: git commit, git push, and gh pr (create/edit) commands described in SKILL.md.
  • Sanitization: None; the skill relies on the underlying agent's handling of command output.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 30, 2026, 10:01 PM