github-pr-merge

Pass

Audited by Gen Agent Trust Hub on Feb 20, 2026

Risk Level: SAFE
Findings: COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • COMMAND_EXECUTION (LOW): The skill uses gh and git commands to view PR data, check CI status, and perform merges. These operations involve shell command execution which, while necessary for the skill's primary purpose, constitutes a standard command execution surface.
  • PROMPT_INJECTION (LOW): The skill is susceptible to Indirect Prompt Injection due to how it handles external repository data.
      • Ingestion points: The skill ingests untrusted data from GitHub via gh pr view and gh api (for PR comments), as seen in SKILL.md.
      • Boundary markers: Absent. No delimiters separate external PR content from the agent's instructions, and there are no warnings to the model to ignore embedded instructions.
      • Capability inventory: The skill has repo-write capabilities via gh pr merge and can modify local repository state via git checkout and git pull.
      • Sanitization: Absent. Data retrieved from GitHub PRs is used directly in the agent's context and logic without filtering or sanitization.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Feb 20, 2026, 09:47 PM