git-pr-workflow

Pass

Audited by Gen Agent Trust Hub on Feb 27, 2026

Risk Level: SAFE (PROMPT_INJECTION, COMMAND_EXECUTION)
Full Analysis
  • [COMMAND_EXECUTION]: The skill invokes a local script './scripts/pr-checklist.sh' to output a static markdown template. The script content is static and poses no security risk.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it analyzes untrusted content from Git commit histories and branch diffs to generate summaries.
    1. Ingestion points: Git commit messages and branch state (File: SKILL.md).
    2. Boundary markers: No delimiters or instructions to ignore embedded commands are used.
    3. Capability inventory: Execution of a local shell script and Git validation checks (File: SKILL.md).
    4. Sanitization: No validation or sanitization of commit messages is performed before they are processed.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 27, 2026, 11:44 AM