Skills
skills/willbooster/agent-skills/update-pr/Gen Agent Trust Hub

update-pr

Pass

Audited by Gen Agent Trust Hub on Apr 23, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill invokes the @willbooster/agent-skills CLI tool using bunx and relies on git and gh (GitHub CLI) within a Bash shell to manage repository metadata.
  • [EXTERNAL_DOWNLOADS]: It fetches the @willbooster/agent-skills package from the npm registry at runtime via the bunx package runner.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes data from the repository to generate content.
  • Ingestion points: The agent analyzes commit logs, file diffs, and branch information to compose the PR title and body.
  • Boundary markers: No explicit delimiters are specified in the instructions to separate repository-sourced data from the agent's instructions.
  • Capability inventory: The skill has access to Bash execution with git and GitHub CLI capabilities.
  • Sanitization: There is no evidence of sanitization or validation of the ingested repository data before it is processed by the agent.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 23, 2026, 06:13 PM
Security Audit — agent-trust-hub — update-pr