pr-prep
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [SAFE]: The skill provides a structured and secure workflow for generating pull request artifacts. It implements auditing via hooks that log tool usage to a local temporary directory, which is a defensive best practice. No malicious instructions, obfuscation, or data exfiltration attempts were found.
- [COMMAND_EXECUTION]: The skill facilitates the execution of local development tools (e.g.,
make,npm,cargo,pytest) to validate code quality. These commands are typical for developer workflows and are used as intended for running tests and linters within the user's project context. - [DATA_EXFILTRATION]: No data exfiltration patterns were identified. The skill only writes logs locally to
${CLAUDE_CODE_TMPDIR:-/tmp}for auditing purposes and does not make unauthorized network connections or access sensitive credentials.
Audit Metadata