create-pr
Pass
Audited by Gen Agent Trust Hub on May 14, 2026
Risk Level: SAFE
PROMPT_INJECTION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill processes untrusted external data from JIRA tickets, creating a surface for indirect prompt injection.
  - Ingestion points: JIRA ticket summary and description fields fetched in Step 4.
  - Boundary markers: Absent; there are no instructions to use delimiters or warnings to ignore instructions within the fetched data.
  - Capability inventory: The skill can execute git push (Step 6) and gh pr create (Step 7).
  - Sanitization: Absent; the ticket content is interpolated directly into the PR body.
- [COMMAND_EXECUTION]: The skill invokes local CLI tools to perform its operations.
  - Executes git for branch name retrieval and pushing code.
  - Executes gh (GitHub CLI) for PR operations and credential checks.
  - Executes acli (Atlassian CLI) for JIRA ticket lookup.
- [EXTERNAL_DOWNLOADS]: Retrieves ticket metadata from Atlassian's JIRA platform via the authenticated acli tool.
Audit Metadata