Skills
skills/willbooster/agent-skills/complete-pr/Gen Agent Trust Hub

complete-pr

Pass

Audited by Gen Agent Trust Hub on Apr 23, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the gh CLI and Git commands (commit, push) to manage repository workflows and pull request status.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it reads and processes untrusted input from pull request bodies and review comments.
  • Ingestion points: Pull request descriptions and review messages retrieved via the fetch-pr skill.
  • Boundary markers: None explicitly defined in the instructions to separate untrusted data from instructions.
  • Capability inventory: The agent can perform file system writes (code changes), Git commits, Git pushes, and update PR metadata.
  • Sanitization: The instructions mitigate risk by directing the agent to validate claims against the codebase and official documentation before acting, though it remains a potential surface for indirect injection.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 23, 2026, 06:12 PM