Skills
skills/mblode/agent-skills/pr-creator/Gen Agent Trust Hub

pr-creator

Pass

Audited by Gen Agent Trust Hub on May 18, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes standard development tools including git status, git diff, git log, git push, and gh pr create to manage pull requests.
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by ingesting untrusted data from the repository's git history and diffs to generate PR descriptions.
  • Ingestion points: git diff, git log output processed in SKILL.md.
  • Boundary markers: None explicitly defined to separate untrusted diff data from instructions.
  • Capability inventory: gh pr create (network write access) and git push (repository write access).
  • Sanitization: The skill relies on the agent's internal summarization logic without explicit sanitization steps for the ingested data.
  • [SAFE]: All operations are consistent with the skill's stated purpose of automating GitHub workflows. It does not contain obfuscation, hardcoded credentials, or unauthorized network activity beyond its connection to GitHub.
Audit Metadata
Risk Level
SAFE
Analyzed
May 18, 2026, 12:35 AM
Security Audit — agent-trust-hub — pr-creator