create-pr

Pass

Audited by Gen Agent Trust Hub on Apr 23, 2026

Risk Level: SAFE | COMMAND_EXECUTION | PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructs the agent to discover and execute build, lint, and test commands defined in the repository's configuration files (e.g., Makefile, package.json, pyproject.toml).
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection where a malicious actor could modify repository configuration files to execute arbitrary commands when the agent performs 'Local Verification.'
    • Ingestion points: Files in the repository root such as Makefile, package.json, pyproject.toml, Cargo.toml, go.mod, etc.
    • Boundary markers: None present.
    • Capability inventory: Execution of arbitrary shell commands for typechecking, linting, and testing across various ecosystems (JavaScript, Python, Rust, Go, Java, Ruby).
    • Sanitization: No verification or sanitization of the commands found within the repository files before execution.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 23, 2026, 10:34 PM