vcs-change-request
Pass
Audited by Gen Agent Trust Hub on Feb 20, 2026
Risk Level: SAFE
Full Analysis
- [Data Exposure & Exfiltration] (SAFE): The skill facilitates the creation of pull requests on trusted platforms (GitHub/GitLab). It explicitly warns against including API keys or tokens in descriptions within references/guidelines.md. No evidence of sensitive local file access or unauthorized data transmission was found.
- [Indirect Prompt Injection] (SAFE): The skill ingests untrusted data such as code changes and issue details. However, it includes a mandatory human-in-the-loop approval step ("MITM Confirmation") which effectively mitigates the risk of executing unintended instructions embedded in the processed data.
  - Ingestion points: Contextual data from code changes and related issues identified in the workflow.
  - Boundary markers: Uses Markdown headers and structure from references/templates.md to delineate content.
  - Capability inventory: Restricted to VCS tool calls mcp__github__create_pull_request and mcp__gitlab__create_merge_request.
  - Sanitization: The skill relies on user approval as the primary validation mechanism before execution.
- [Unverifiable Dependencies & Remote Code Execution] (SAFE): The skill does not download external packages or execute remote scripts. No package manager files (e.g., package.json, requirements.txt) or suspicious execution commands (e.g., curl|bash) are present.