create-pr
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes several local commands including `git status`, `git log`, `git diff`, and `gh pr create` to verify the state of the local repository and interact with GitHub's services.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it reads and processes external data from the git repository history and code diffs, which are then used to generate pull request titles and bodies.
  - Ingestion points: Commit logs (`git log`) and code diffs (`git diff`) are read in Step 2 to inform the PR description.
  - Boundary markers: There are no explicit markers or instructions telling the agent to ignore potentially malicious instructions found within the code changes or commit history.
  - Capability inventory: The skill has the capability to create and update pull requests on GitHub using the `gh` CLI and the GitHub API.
  - Sanitization: The skill does not perform sanitization or validation of the data retrieved from the repository before using it to populate PR metadata.
Audit Metadata