Skills
skills/pfcclab/paddle-skills/fastdeploy-pull-request/Gen Agent Trust Hub

fastdeploy-pull-request

Pass

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: LOWEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • EXTERNAL_DOWNLOADS (LOW): The skill instructs the agent to install an external Python package (pre-commit==4.2.0) and references a remote PR template from GitHub (PaddlePaddle/FastDeploy). These are standard dependencies for the target workflow.
  • COMMAND_EXECUTION (LOW): The skill executes multiple shell commands including git push, pre-commit, and gh pr create. The use of cat <<'EOF' in the PR creation example demonstrates a safe practice by preventing shell expansion within the generated PR body text.
  • PROMPT_INJECTION (LOW): Under Category 8 (Indirect Prompt Injection), the skill is designed to ingest untrusted data (git commit history and code diffs) to generate a summarized PR body.
  • Ingestion points: Local git commit logs and file changes.
  • Boundary markers: None explicitly defined for the AI's summarization process.
  • Capability inventory: Write access to GitHub via gh and command execution via pip and git.
  • Sanitization: The skill relies on the AI to logically group changes, creating a surface where malicious commit messages could influence the agent's output, though the impact is limited to the content of the Pull Request.
Audit Metadata
Risk Level
LOW
Analyzed
Feb 16, 2026, 12:36 PM