skills/tighten/claude-plugins/shift/Gen Agent Trust Hub

shift

Pass

Audited by Gen Agent Trust Hub on Mar 18, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes multiple system commands using the gh CLI, git, and PHP tools. Evidence: usage of gh pr view, gh pr checkout, composer update, php artisan test, and code style fixers such as duster or pint in SKILL.md.
  • [EXTERNAL_DOWNLOADS]: The skill downloads project dependencies through standard package management tools. Evidence: execution of composer update in Step 5 of SKILL.md.
  • [PROMPT_INJECTION]: The skill exposes a surface for indirect prompt injection because it follows instructions found in external content.
      • Ingestion points: PR description and comments retrieved via gh pr view --comments in SKILL.md.
      • Boundary markers: Absent; the agent is directed to follow instructions in the text without isolation.
      • Capability inventory: File modification, dependency updates via composer, and command execution through php artisan test and style fixers in SKILL.md.
      • Sanitization: Absent; the skill does not validate or sanitize instructions from the pull request comments.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 18, 2026, 04:40 PM