gh-pr-creation
Pass
Audited by Gen Agent Trust Hub on Apr 3, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTIONNO_CODE
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to identify and run required quality gates from repository configuration and CI conventions, leading to the execution of arbitrary shell commands found in the workspace.
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it parses untrusted repository configuration files to determine its execution steps without sanitization or boundary markers. Ingestion points: Repository configuration and CI files. Boundary markers: Absent. Capability inventory: git, gh, and arbitrary shell commands. Sanitization: Absent.
- [NO_CODE]: The skill consists only of instructions in the SKILL.md file and does not include any accompanying scripts or executables.
Audit Metadata