skills/lobehub/lobe-chat/pr/Gen Agent Trust Hub

pr

Pass

Audited by Gen Agent Trust Hub on May 20, 2026

Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes standard system tools (git and gh) to perform repository operations such as checking branch status, staging files, committing changes, and pushing to origin. These are typical behaviors for development-oriented agent skills.
  • [PROMPT_INJECTION]: The skill has an indirect prompt injection surface because it reads untrusted data from the local repository and external GitHub metadata.
  • Ingestion points: Reads output from git log, git diff, gh pr list, and gh issue list to generate PR titles and descriptions.
  • Boundary markers: Absent. The skill does not explicitly use delimiters when processing the content of commits or diffs to ignore embedded instructions.
  • Capability inventory: The skill can execute shell commands, write to the remote repository (via git push), and create pull requests (via gh pr create).
  • Sanitization: None. The content retrieved from logs or diffs is directly used by the LLM to summarize changes and formulate PR bodies.
Audit Metadata
Risk Level
SAFE
Analyzed
May 20, 2026, 08:32 PM
Security Audit — agent-trust-hub — pr