pr-sync
Pass
Audited by Gen Agent Trust Hub on Mar 29, 2026
Risk Level: SAFECOMMAND_EXECUTIONDATA_EXFILTRATION
Full Analysis
- [COMMAND_EXECUTION]: Uses Bash to execute git commands (branching, staging, committing, pushing) and the GitHub CLI (gh) for PR management. It also invokes local Python scripts for repository classification and ADR (Architecture Decision Record) validation.- [DATA_EXFILTRATION]: Communicates with GitHub to push code and create pull requests. The skill includes explicit instructions to block sensitive files like credentials, API keys, and environment variables from being committed.- [INDIRECT_PROMPT_INJECTION]: The skill operates on repository data, branch names, and commit messages which may contain content from untrusted sources.
- Ingestion points: Branch names, commit messages, and local ADR session files.
- Boundary markers: Not explicitly used in command templates.
- Capability inventory: Full shell access for git/gh operations and file system modification (sed, mv, rm).
- Sanitization: Implements a blocklist for sensitive file patterns during the staging process.
Audit Metadata