creating-android-pull-request
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill includes shell commands for standard development tasks such as running Android unit tests and linting using
./gradlew, checking for unintended changes withgit diff, and creating pull requests via the GitHub CLI (gh pr create). These operations are consistent with the skill's intended purpose for Bitwarden developers. - [PROMPT_INJECTION]: The skill instructs the agent to read and follow the repository's PR template located at
.github/PULL_REQUEST_TEMPLATE.md. This represents a surface for indirect prompt injection as it involves processing external file content; however, this is a standard part of the pull request workflow and is assessed as low risk. - Ingestion points: .github/PULL_REQUEST_TEMPLATE.md.
- Boundary markers: None present.
- Capability inventory: Local shell execution (gradle, git, gh).
- Sanitization: None specified.
Audit Metadata