Skills
skills/nozomi-koborinai/koborin-ai/commit-push-pr/Gen Agent Trust Hub

commit-push-pr

Pass

Audited by Gen Agent Trust Hub on Feb 21, 2026

Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
  • [Indirect Prompt Injection] (LOW): The skill ingests untrusted data from commit messages and code differences to generate Pull Request bodies, which could allow an attacker to influence the agent's output via malicious content in the repository.
  • Ingestion points: The skill executes git log and git diff to gather context for the PR body (found in SKILL.md).
  • Boundary markers: Absent. There are no instructions to the model to ignore or delimit instructions found within the git history or diff data.
  • Capability inventory: The skill has the ability to push code (git push) and create pull requests (gh pr create).
  • Sanitization: Absent. The skill does not sanitize or escape the content retrieved from git before interpolating it into the PR template.
  • [Command Execution] (SAFE): The skill executes git and gh (GitHub CLI) commands. While these are powerful tools, their use here is directly aligned with the stated purpose of the skill and does not appear to involve unauthorized privilege escalation or obfuscated execution.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 21, 2026, 01:20 PM