Skills
skills/michael-menard/monorepo/wt-merge-pr/Gen Agent Trust Hub

wt-merge-pr

Pass

Audited by Gen Agent Trust Hub on Mar 1, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The skill interpolates user-provided {STORY_ID} and {PR_NUMBER} directly into gh and git shell commands. Without explicit instructions for the agent to sanitize these inputs, a user could inject shell metacharacters (e.g., ;, &&, $()) to execute arbitrary commands. Additionally, using {STORY_ID} in file paths like tree/story/{STORY_ID} poses a risk of path traversal if the input contains ../ sequences.
  • [PROMPT_INJECTION]: The lack of input validation or boundary markers around the variables allows for potential manipulation of the agent's command execution logic via malicious parameter values.
  • [EXTERNAL_DOWNLOADS]: The workflow utilizes the GitHub CLI (gh) to perform pull request operations on GitHub. This is a well-known service and the interaction is standard for the skill's intended purpose.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 1, 2026, 09:47 PM