create-pr
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill uses Git and the GitHub CLI (gh) for branch management and pull request creation. The execution is limited to specific, pre-defined commands like 'git add', 'git commit', 'git push', and 'gh pr create', aligning with the skill's stated purpose.
- [PROMPT_INJECTION]: The skill exposes a surface for indirect prompt injection:
  1. Ingestion points: Local git branch changes and diffs.
  2. Boundary markers: Absent.
  3. Capability inventory: GitHub CLI (gh) and Git commands.
  4. Sanitization: Absent.

  The risk is minimized because the agent's permissions are limited to repository-specific pull request management tasks, preventing broader system impact.