create-pr

Pass

Audited by Gen Agent Trust Hub on Apr 12, 2026

Risk Level: SAFE, COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: Utilizes git, gh, and acli to manage branches, create pull requests, and retrieve JIRA data. The skill enforces prerequisite authentication and installation checks.
  • [DATA_EXFILTRATION]: Transmits code to remote repositories and shares JIRA ticket metadata with GitHub as part of the PR creation process.
  • [PROMPT_INJECTION]: Ingests untrusted data from JIRA tickets and commit logs (SKILL.md).
      1. Ingestion points: JIRA ticket summary/description and git commit history.
      2. Boundary markers: Uses HEREDOC for prompt interpolation into the gh command.
      3. Capability inventory: git push and gh pr create.
      4. Sanitization: No explicit programmatic sanitization is performed, though user review of the PR title is required.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Apr 12, 2026, 11:04 PM