make-pr
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes the official GitHub CLI tool (
gh) to automate pull request creation. Evidence: The workflow inSKILL.mdusesgh pr create --base main --head <branch> --title "<title>" --body-file <file>. - [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it processes untrusted data from branch diffs and related issue context to generate pull request descriptions. * Ingestion points: Branch diffs and related work context (SKILL.md). * Boundary markers: None mentioned for the ingested diff data. * Capability inventory: Command execution via
ghCLI. * Sanitization: No explicit sanitization or validation of the generated body content.
Audit Metadata