pr-to-main

Pass

Audited by Gen Agent Trust Hub on Apr 29, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection by processing external data from git commands without safety delimiters.
      • Ingestion points: The skill reads data from git status, git diff, and git log as part of its analysis workflow defined in SKILL.md.
      • Boundary markers: Absent. There are no instructions to use delimiters or ignore instructions that may be embedded within the commit messages or code diffs.
      • Capability inventory: The skill possesses the capability to perform network and write operations via git push and gh pr create, as specified in SKILL.md.
      • Sanitization: Absent. The skill does not perform any escaping, validation, or filtering of the ingested git data before incorporating it into the final PR generation.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Apr 29, 2026, 11:59 PM