ship-pr

Pass

Audited by Gen Agent Trust Hub on Apr 12, 2026

Risk Level: SAFE | PROMPT_INJECTION | COMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill possesses an attack surface for indirect prompt injection by processing untrusted repository metadata and file content.
      • Ingestion points: The skill analyzes repository state, staged/unstaged files, and diffs via git status (SKILL.md).
      • Boundary markers: There are no explicit markers or instructions to isolate the agent from potentially malicious instructions embedded in filenames or file content.
      • Capability inventory: The skill modifies the repository state via git commit and performs network operations via git push and pull request creation (SKILL.md).
      • Sanitization: No validation or sanitization of repository data is performed before it is used to generate commit messages or plan staging logic.
  • [COMMAND_EXECUTION]: The skill uses shell commands including git add, git branch, git commit, and git push to perform its intended functions. These are standard operations for Git-based workflows.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 12, 2026, 04:50 PM