pull-request
Pass
Audited by Gen Agent Trust Hub on Mar 15, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill performs legitimate operations using standard development tools (git, gh, glab) to automate the creation and management of pull/merge requests. All operations align with the stated purpose and the provided file contents.- [COMMAND_EXECUTION]: The shell commands used are strictly limited to the specified allowed-tools and are necessary for the skill's primary function of interacting with source control and platform APIs. No suspicious or unverified command execution patterns were detected.- [PROMPT_INJECTION]: The skill processes commit messages and code diffs as data. While this is an inherent surface for indirect prompt injection in summary tasks, the instructions contain specific constraints (e.g., regarding issue numbers and context validation) that encourage responsible generation of descriptions.
Audit Metadata