oh-graphic-gitcode-pr-creator

================================================================================

✅ VERDICT: SAFE

This skill describes a workflow for creating Gitcode Pull Requests using standard git commands and agent-provided tools. No direct security vulnerabilities, malicious patterns, or obfuscation were detected within the skill's instructions. The analysis was performed only on files directly distributed with the skill.

Total Findings: 1

ℹ️ INFO Findings: • Indirect Prompt Injection Risk

• Line 33: The skill processes content from .gitcode/PULL_REQUEST_TEMPLATE.zh-CN.md. If this template file were to be controlled by a malicious actor, its content could potentially be used for indirect prompt injection if fed directly into an LLM without sanitization. This is a general risk when processing external, user-controlled data, not a direct vulnerability in the skill's instructions.

================================================================================