gh-pr
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
COMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION] (SAFE): The skill utilizes standard command-line tools (`git`, `gh`, `jq`) to interact with the local repository and GitHub. These operations are essential for the skill's primary function of PR management.
- [DATA_EXFILTRATION] (SAFE): Network operations are restricted to communication with GitHub via the `gh` CLI and `git fetch/push`. No sensitive local files (e.g., SSH keys, AWS credentials) are accessed or transmitted.
- [INDIRECT_PROMPT_INJECTION] (LOW): The skill processes external data from GitHub (PR lists, commit SHAs).
  - Ingestion points: Data enters the skill via `gh pr list` and `git rev-list`.
  - Boundary markers: The skill uses `jq` to parse JSON output, providing structured handling of external data.
  - Capability inventory: Subprocess calls are limited to `git` and `gh` for repository management.
  - Sanitization: Use of quoted heredocs (`<<'BODY'`) in the bash script prevents unexpected variable expansion when creating temporary files.
Audit Metadata