Skills
skills/laurigates/claude-plugins/git-branch-pr-workflow/Gen Agent Trust Hub

git-branch-pr-workflow

Pass

Audited by Gen Agent Trust Hub on May 16, 2026

Risk Level: SAFECOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses modern Git commands (switch, restore, push, rebase) and the GitHub CLI (gh) to perform repository management tasks.
  • [COMMAND_EXECUTION]: It executes a local utility script, scripts/pr-context.sh, using Bash to aggregate information from the repository's current state.
  • [DATA_EXFILTRATION]: The skill performs git push operations to synchronize local code with remote branches on GitHub, which is the primary intended function of the workflow.
  • [PROMPT_INJECTION]: The scripts/pr-context.sh script represents an indirect prompt injection surface as it processes untrusted data from git logs and GitHub PR metadata.
  • Ingestion points: Reads commit messages via git log and pull request details via gh pr list in the scripts/pr-context.sh file.
  • Boundary markers: The output is structured with section headers such as --- COMMITS --- and --- CLOSING_KEYWORDS --- to delineate data.
  • Capability inventory: The skill has the ability to update remote branches via git push and create/update pull requests using mcp__github__* tools.
  • Sanitization: The script extracts and displays commit messages and issue references without filtering or escaping content that might contain instruction overrides.
Audit Metadata
Risk Level
SAFE
Analyzed
May 16, 2026, 05:38 AM
Security Audit — agent-trust-hub — git-branch-pr-workflow