create-pr
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill performs its stated purpose of automating Gitee Pull Request creation using official Gitee MCP tools. No unauthorized data access, obfuscation, or malicious command execution was found. All external resources (Gitee API tools) are consistent with the vendor's (oschina) platform.
- [PROMPT_INJECTION]: The skill is potentially vulnerable to indirect prompt injection (Category 8).
- Ingestion points: The skill ingests untrusted data from compare_branches_tags in Step 2 of SKILL.md, which returns code diffs and commit messages from the repository.
- Boundary markers: Absent. There are no instructions to the agent to ignore or isolate potential instructions embedded within the code changes or commit history.
- Capability inventory: The skill has the capability to write data back to the Gitee platform via the create_pull tool (Step 5).
- Sanitization: Absent. The skill does not perform validation or filtering on the content of the diffs before using them to generate the PR title and description.
Audit Metadata