merge-pr
Pass
Audited by Gen Agent Trust Hub on Apr 20, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill implements a comprehensive safety-first workflow for landing code changes, requiring mandatory verification of CI status and local test suites before allowing a merge.
- [SAFE]: A dedicated Repository Safety Check (Step 3) identifies potential data leakage by scanning PR content for credentials, internal tool references, and infrastructure details before merging into public repositories.
- [SAFE]: The instructions explicitly forbid the use of administrative overrides (`--admin`) to bypass established branch protection rules, ensuring that security policies are respected.
- [SAFE]: Post-merge monitoring (Step 6) ensures that any breakage on the target branch is immediately detected and surfaced to the user.
- [PROMPT_INJECTION]: The skill creates a surface for indirect prompt injection by ingesting untrusted data from PR bodies and commit messages during the safety scan. This is a low-risk surface given the context of safety verification and the requirement for user confirmation.
- Ingestion points: `gh pr view` output used in the safety scan (SKILL.md).
- Boundary markers: Absent for the retrieved text.
- Capability inventory: Pull request merging, branch deletion, and shell command execution.
- Sanitization: Not explicitly present for the retrieved text.
Audit Metadata