create-pr

Pass

Audited by Gen Agent Trust Hub on Apr 3, 2026

Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses git and gh (GitHub CLI) to interact with the local repository and GitHub's API. These commands are necessary for the skill's stated purpose of managing pull requests.
  • [PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection (Category 8) as it processes external data from the git history and code diffs to generate pull request descriptions.
    • Ingestion points: Data from git log and git diff commands in SKILL.md is provided to the agent.
    • Boundary markers: There are no explicit delimiters used to isolate git-derived content from the agent's logic.
    • Capability inventory: The skill can perform modifications on GitHub using gh pr create and gh api as defined in SKILL.md.
    • Sanitization: No sanitization or validation of the commit history or code changes is performed before the data is processed by the agent.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 3, 2026, 12:36 AM