Skills
skills/codemie-ai/codemie-code/codemie-pr/Gen Agent Trust Hub

codemie-pr

Pass

Audited by Gen Agent Trust Hub on Mar 10, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes git and gh (GitHub CLI) commands to manage the development workflow, including branch creation, committing, and pushing changes.
  • [PROMPT_INJECTION]: The skill demonstrates an indirect prompt injection surface by interpolating data from external repository files and git history into its operations.
  • Ingestion points: Reads content from .github/PULL_REQUEST_TEMPLATE.md and git commit history to populate the pull request body.
  • Boundary markers: There are no delimiters or markers used to isolate untrusted content from the repository.
  • Capability inventory: The skill has the ability to read local files, push to remote repositories, and create pull requests on GitHub.
  • Sanitization: The skill does not perform any validation or sanitization on the content retrieved from the repository before using it in the PR creation command.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 10, 2026, 01:25 AM