create-pr
Pass
Audited by Gen Agent Trust Hub on Feb 23, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill uses standard git and gh CLI commands to interact with the local repository and the GitHub API. These actions are necessary for the skill's primary functionality.
- [DATA_EXFILTRATION]: No evidence of unauthorized data transfer or hardcoded credentials was found. Network interactions are confined to the expected behavior of the GitHub CLI.
- [PROMPT_INJECTION]: The skill exposes an indirect prompt injection surface by reading commit messages and pull request templates from the repository to generate command arguments. Evidence:
  1. Ingestion points: git log, git diff, and repository templates.
  2. Boundary markers: Absent.
  3. Capability inventory: gh pr create, git push.
  4. Sanitization: Absent.
Audit Metadata