pr
Pass
Audited by Gen Agent Trust Hub on Apr 14, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill executes git and gh (GitHub CLI) commands to gather context and perform PR operations. This is standard behavior for development automation tools.- [DATA_EXFILTRATION]: No evidence of data exfiltration was found. Network activity is limited to interactions with GitHub's official services via the gh CLI tool.- [REMOTE_CODE_EXECUTION]: The skill references a local script 'ship-upload-pr-asset.js' for uploading assets. No remote code downloads or untrusted script execution patterns were detected.- [PROMPT_INJECTION]: The skill ingests data from external files (SPEC.md) and PR data which constitutes an indirect prompt injection surface. Ingestion points: SPEC.md, git diff output, and tmp/ship/qa-progress.json. Boundary markers: The skill uses defined Markdown templates but does not explicitly enforce security boundaries. Capability inventory: git and gh CLI commands. Sanitization: None specified. This is a low-risk surface inherent to the skill's purpose of documentation synthesis.
Audit Metadata