create-pr
Pass
Audited by Gen Agent Trust Hub on Mar 29, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes standard Git and GitHub CLI commands to automate development tasks.
- Evidence:
git push -u origin "$CURRENT_BRANCH",gh pr create, andgit symbolic-ref. These are expected behaviors for a PR creation utility. - The skill includes safety checks to prevent pushing to protected branches (main, master, develop).
- [DATA_EXPOSURE]: The skill reads from local configuration files (
.claude/ticket-config.json,.claude_resolve/status.json) to determine PR metadata. - This is standard practice for maintaining state in an automated workflow.
- [REMOTE_CODE_EXECUTION]: No remote code execution patterns or unverified external downloads were detected. The skill relies on locally installed tools (
git,gh,jq).
Audit Metadata