git-pr-workflows-pr-enhance
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill analyzes and processes content from pull requests which are untrusted external inputs.
- Ingestion points: Pull request titles, descriptions, and diffs processed through $ARGUMENTS and the skill context.
- Boundary markers: The skill lacks delimiters or specific instructions to ignore embedded commands within the PR data.
- Capability inventory: The skill is designed for PR automation and documentation which implies the agent may have write access to the repository context.
- Sanitization: No input validation or sanitization of the PR content is performed before processing.
Audit Metadata