pr-document-writer

Pass

Audited by Gen Agent Trust Hub on Mar 4, 2026

Risk Level: SAFE | COMMAND_EXECUTION | PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes multiple local shell commands to facilitate git repository analysis.
      • Evidence: Commands used include git branch --show-current, git remote show origin, git log, git diff, and ls. These are necessary to identify base branches and retrieve the specific code changes to be summarized.
  • [PROMPT_INJECTION]: The skill has an indirect prompt injection surface as it analyzes untrusted content from the repository's git diffs.
      • Ingestion points: File contents within the repository accessed via git diff <base-branch>...HEAD and local PR template files.
      • Boundary markers: Absent; no delimiters or 'ignore' instructions are used to separate analyzed code from agent instructions.
      • Capability inventory: Execution of git commands and potential write access to the repository via GitHub MCP tools (subject to user confirmation).
      • Sanitization: The skill does not perform any sanitization or filtering of the code content before processing it for summary generation.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 4, 2026, 06:10 AM