ce-commit-push-pr
Pass
Audited by Gen Agent Trust Hub on Jul 6, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill performs repository operations using
gitandgh(GitHub CLI). It implements security best practices by using quoted heredocs ('EOF'and'__CE_PR_BODY_END__') when creating commit messages and PR bodies. This technique ensures that data processed by the agent is treated as literal text and cannot be executed as shell commands. - [DATA_EXFILTRATION]: The skill interacts with the GitHub API to manage pull requests. It includes specific defensive instructions to avoid using
git add .orgit add -A, which prevents the accidental staging and transmission of sensitive local files like.env, build artifacts, or credentials to remote repositories. - [EXTERNAL_DOWNLOADS]: The skill references assets from well-known services, specifically
img.shields.iofor status badges andgithub.comfor repository links. These are standard, low-risk integrations for developer-oriented tools. - [SAFE]: No malicious patterns such as prompt injection, obfuscation, or persistence mechanisms were detected. The skill's logic focuses on legitimate developer productivity and includes proactive measures to maintain environment security.
Audit Metadata