merge-stack
Pass
Audited by Gen Agent Trust Hub on Feb 21, 2026
Risk Level: SAFE
Full Analysis
- [SAFE] (SAFE): The skill does not contain any malicious patterns or unauthorized data access commands. It uses the standard
ghCLI tool for its intended purpose of repository management. - [Indirect Prompt Injection] (SAFE): Although the skill ingests PR data (titles, branch names) from GitHub, it uses this data in a non-executable manner (displaying to user and extracting PR numbers) for CLI arguments, which minimizes the surface area for indirect injection.
- [Command Execution] (SAFE): Command execution is restricted to the
ghtool as defined in theallowed-toolsmetadata, preventing arbitrary command injection.
Audit Metadata