
merge-pr

Warn

Audited by Gen Agent Trust Hub on Feb 20, 2026

Risk Level: MEDIUM
Tags: COMMAND_EXECUTION, REMOTE_CODE_EXECUTION
Full Analysis
  • Unverifiable Dependencies & Remote Code Execution (MEDIUM): The skill relies on 'scripts/pr-merge', an external script not included in the skill definition, creating a dependency on unverifiable local code.
  • Dynamic Execution (MEDIUM): The skill uses 'source .local/prep.env' to load environment variables, which executes the file's content in the shell, posing an arbitrary code execution risk if the file is compromised.
  • Indirect Prompt Injection (LOW): The skill ingests untrusted data from local files and PR summaries.
      1. Ingestion points: .local/review.json, .local/review.md, .local/prep.env, .local/prep.md.
      2. Boundary markers: Absent.
      3. Capability inventory: Shell script execution and sourcing.
      4. Sanitization: Absent.
  • Data Exposure & Exfiltration (LOW): The skill accesses local configuration and artifact files (.local/prep.env) which may contain sensitive build or PR metadata.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Feb 20, 2026, 02:18 PM