pr
Pass
Audited by Gen Agent Trust Hub on Jun 18, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [SAFE]: No malicious patterns or security risks were identified. The skill performs standard development tasks using authorized platform tools.
- [COMMAND_EXECUTION]: The skill delegates repository operations (branch pushing and PR creation) to the 'chalk github agent', which is an expected tool for this workflow.
- [PROMPT_INJECTION]: The skill incorporates external information from git commits and GitHub comments, creating an indirect prompt injection surface typical for documentation assistants.
- Ingestion points: Commit history and GitHub issue comments are read to generate the PR body (SKILL.md).
- Boundary markers: The skill does not define specific delimiters for the ingested data.
- Capability inventory: The skill is capable of pushing code and creating pull requests via the GitHub agent (SKILL.md).
- Sanitization: Content is not filtered, but the workflow explicitly includes a manual review step by the user prior to finalization.
Audit Metadata