skills/codyswanngt/lisa/git-submit-pr/Gen Agent Trust Hub

git-submit-pr

Pass

Audited by Gen Agent Trust Hub on Feb 28, 2026

Risk Level: SAFE | PROMPT_INJECTION | COMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the Bash tool to execute git and gh commands for repository management. This includes git status, git log, git push, and gh pr merge. These operations are consistent with the skill's primary purpose of automating pull request workflows.
  • [PROMPT_INJECTION]: The skill has a surface for indirect prompt injection because it incorporates external data from the git repository into its decision-making and output generation.
      • Ingestion points: Reads untrusted data from commit messages via git log and file/branch names via git status in the Check current state step.
      • Boundary markers: None; the skill does not use specific delimiters or instructions to ignore embedded commands within the git output.
      • Capability inventory: The agent has access to Bash (arbitrary command execution) and several GitHub MCP tools for creating and updating pull requests.
      • Sanitization: There is no evidence of sanitization or validation of the strings retrieved from the git history before they are processed or included in the PR description.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 28, 2026, 10:30 AM