create-pr

Pass

Audited by Gen Agent Trust Hub on Mar 3, 2026

Risk Level: SAFE
Findings: COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes git and gh commands to manage local status and create remote pull requests. These operations are standard for development workflows and target the well-known GitHub service.
  • [PROMPT_INJECTION]: The skill has a surface for indirect prompt injection as it processes repository data to generate PR metadata.
  • Ingestion points: local file data via git diff, git status, and git log.
  • Boundary markers: The bash command uses a quoted heredoc ('EOF') to prevent shell expansion of the generated PR body.
  • Capability inventory: File system read access, git command execution, and GitHub API interaction via gh CLI.
  • Sanitization: No specific filtering or escaping is applied to analyzed git diffs before they are used to generate descriptions.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 3, 2026, 06:11 AM