Skills
skills/phrazzld/claude-config/pr/Gen Agent Trust Hub

pr

Pass

Audited by Gen Agent Trust Hub on Mar 2, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes shell commands to automate the git workflow.
  • Evidence: Uses gh pr create --draft --assignee phrazzld to interact with GitHub and standard git commands to stage and commit changes.
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection due to its processing of untrusted external data.
  • Ingestion points: Reads content from linked GitHub issues and branch diffs (Workflow step 2).
  • Boundary markers: No explicit delimiters or instructions are provided to the agent to treat issue content as untrusted data.
  • Capability inventory: The agent has the ability to commit code and create PRs via the gh CLI.
  • Sanitization: There is no evidence of sanitization or filtering of the content pulled from issues or code comments before it is used to generate the PR body or influence agent actions.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 2, 2026, 03:56 AM