pr-writer

Pass

Audited by Gen Agent Trust Hub on May 5, 2026

Risk Level: SAFE
Findings: PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill processes existing pull request titles and bodies using gh pr view in SKILL.md. These ingestion points allow untrusted external data to enter the agent context. Boundary markers for this input are not explicitly defined. The skill includes instructions to prioritize the actual code diff over existing PR text, and capabilities are scoped to git and gh for pull request management.
  • [COMMAND_EXECUTION]: The skill uses the GitHub CLI (gh) and git to interact with repositories and pull requests. It employs secure shell patterns, such as the cat <<'EOF' heredoc, to handle multi-line string interpolation and prevent command injection when passing generated PR bodies to the shell.
  • [SAFE]: The skill incorporates strong data protection guidelines, explicitly directing the agent to omit customer data, PII, and support ticket details from pull requests, aligning with security best practices for public software development.
Audit Metadata
Risk Level
SAFE
Analyzed
May 5, 2026, 02:16 PM