Skills
skills/giuseppe-trisciuoglio/developer-kit/create-pr-from-spec/Gen Agent Trust Hub

create-pr-from-spec

Pass

Audited by Gen Agent Trust Hub on May 4, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it ingests data from external specification files and interpolates it into Pull Request metadata.
  • Ingestion points: Content is read from user-provided specification files and the .github/pull_request_template.md file.
  • Boundary markers: No specific delimiters or safety instructions are defined to separate untrusted specification content from the agent's instructions.
  • Capability inventory: The skill possesses the ability to create and update pull requests, as well as modify issue assignments via create_pull_request, update_pull_request, and update_issue tools.
  • Sanitization: The instructions do not describe any validation or sanitization of the specification data before it is used to generate PR titles or bodies.
Audit Metadata
Risk Level
SAFE
Analyzed
May 4, 2026, 10:10 PM