pr
Pass
Audited by Gen Agent Trust Hub on Feb 23, 2026
Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: Executes standard git commands including diff, log, checkout, and push to facilitate the pull request workflow. These actions are limited to the repository and are consistent with the skill's intended use for developer productivity.
- [PROMPT_INJECTION]: Includes an attack surface for indirect prompt injection as it processes untrusted data from git diffs and logs to generate PR descriptions.
  - Ingestion points: Git diff output in Step 1 and git log history in Step 1.6.
  - Boundary markers: Not explicitly used to isolate untrusted data during analysis.
  - Capability inventory: The skill can perform branch checkouts, staging, committing, and pushing to remote repositories.
  - Sanitization: No specific filtering or sanitization of input from git history is applied before processing.