create-pr-jp

Pass

Audited by Gen Agent Trust Hub on Mar 27, 2026

Risk Level: SAFE · COMMAND_EXECUTION · PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes pnpm lint and pnpm test to validate code before creating a pull request. These commands run scripts defined locally within the repository's package.json file.
  • [PROMPT_INJECTION]: The skill features an indirect prompt injection surface by ingesting data from git history and local template files to construct the pull request body.
    • Ingestion points: PR templates located at .github/pull_request_template.md or docs/pull_request_template.md, as well as output from git log and git diff commands.
    • Boundary markers: None identified; content from these files and commands is directly used to generate the PR description.
    • Capability inventory: The skill can execute shell commands (pnpm, git, gh) and perform network operations via the GitHub CLI.
    • Sanitization: There is no evidence of sanitization or filtering of the content retrieved from git logs or template files before it is processed by the agent.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 27, 2026, 02:24 AM