pr-description
Pass
Audited by Gen Agent Trust Hub on Mar 31, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns, obfuscation, or unauthorized data access were detected. The skill's behavior is consistent with its stated purpose of generating PR documentation.
- [COMMAND_EXECUTION]: The skill instructs the agent to generate shell commands within the 'Testing Instructions' and 'Rollback Plan' sections of the output. These commands (e.g.,
npm test,git revert) are intended for the user to copy and execute manually in their local environment to verify the code changes. - [DATA_EXFILTRATION]: The skill requires access to the branch's git diff (
git diff main...HEAD) to perform its analysis. This is a legitimate and necessary operation for generating an accurate description of the changes. - [PROMPT_INJECTION]: The skill represents an indirect prompt injection surface as it processes untrusted data (git diffs) which could contain malicious instructions designed to influence the generated PR description or testing commands.
- Ingestion points: The agent reads the full branch diff (SKILL.md, Workflow Step 1).
- Boundary markers: None identified in the prompt instructions to isolate the diff content from the instructions.
- Capability inventory: The skill generates shell commands for testing and rollback (SKILL.md, Workflow Step 4 and 5).
- Sanitization: No specific sanitization or filtering of the diff content is mentioned.
Audit Metadata