Skills
skills/hex2dec/skills/gitee-auto-pr/Gen Agent Trust Hub

gitee-auto-pr

Pass

Audited by Gen Agent Trust Hub on Mar 19, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses local git commands (git push, git fetch, git log) to manage repository workflows and interact with Gitee's review mode.
  • [EXTERNAL_DOWNLOADS]: Communicates with external Gitee remotes via git fetch and git push to synchronize code and create pull requests.
  • [PROMPT_INJECTION]: Subject to potential indirect prompt injection through the processing of terminal output from git commands.
  • Ingestion points: The agent is instructed to capture and report terminal output from git push operations in SKILL.md.
  • Boundary markers: Absent; no specific delimiters are used to wrap the terminal output or instruct the agent to ignore instructions embedded in that output.
  • Capability inventory: The agent can execute subprocesses via git commands as defined in SKILL.md.
  • Sanitization: Absent; the skill does not define methods to filter or escape the captured terminal output before processing it.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 19, 2026, 09:07 AM