Skills
skills/phuetz/code-buddy/merge-pr/Gen Agent Trust Hub

merge-pr

Pass

Audited by Gen Agent Trust Hub on Mar 18, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it ingests untrusted data from GitHub pull requests to satisfy logic gates for merging.\n
  • Ingestion points: PR metadata (state, mergeable status) and status check results fetched via gh pr view and gh pr checks in SKILL.md.\n
  • Boundary markers: No explicit delimiters or instructions are provided to the agent to ignore any natural language instructions that might be embedded in the PR data or status check outputs.\n
  • Capability inventory: The skill uses gh pr merge, git checkout, git pull, and git branch -d (all listed in SKILL.md) to perform its tasks.\n
  • Sanitization: No sanitization or validation of the PR data is performed before the agent processes it for decision-making.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 18, 2026, 07:13 AM
Security Audit — agent-trust-hub — merge-pr