create-pr
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [SAFE] (SAFE): No malicious patterns or security vulnerabilities were identified in the analyzed content.
- [COMMAND_EXECUTION] (SAFE): The skill utilizes git and gh commands which are standard for its stated purpose and are explicitly listed in the allowed-tools configuration.
- [DATA_EXPOSURE] (SAFE): There are no signs of hardcoded credentials or access to sensitive system files.
- [INDIRECT PROMPT INJECTION] (LOW): The skill ingests untrusted data from git logs and local files to generate PR summaries. While this represents a standard data ingestion surface, the risk is inherent to the tool's function and no malicious exploitation patterns were found.
Audit Metadata