pull-request-management
Pass
Audited by Gen Agent Trust Hub on Jun 20, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No security issues detected. The skill utilizes standard, well-known tools like the GitHub CLI (gh) and Git to manage pull requests. The operations described are consistent with legitimate repository maintenance tasks.
- [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface as it ingests untrusted data from pull request titles, bodies, and comments. Additionally, workflows involving 'npm test' on checked-out PR branches could lead to the execution of code provided by external contributors. These are recognized risks associated with the skill's primary purpose of code review and management.
Audit Metadata