create-pr
Pass
Audited by Gen Agent Trust Hub on May 11, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes common command-line utilities such as git and gh (GitHub CLI). These are used strictly within their intended developer workflow contexts.
- [PROMPT_INJECTION]: The skill has an indirect prompt injection surface as it processes untrusted data. 1. Ingestion points: Commit messages and git diffs accessed in SKILL.md Step 1. 2. Boundary markers: No explicit delimiters or instructions to ignore embedded commands are used during analysis. 3. Capability inventory: The skill can execute gh pr create to submit data to a remote repository. 4. Sanitization: No programmatic sanitization is performed, but the skill mandates a human review and confirmation step via AskUserQuestion before the final action is taken.
Audit Metadata