pr-create
Pass
Audited by Gen Agent Trust Hub on Apr 28, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill implements a security constraint that automatically blocks PR creation if sensitive files (e.g., .env, credentials, .pem, .key, id_rsa) are detected in the git diff, protecting against accidental secret exposure.
- [COMMAND_EXECUTION]: Uses standard git and gh CLI commands to validate branch state, gather context, and manage remote repository operations.
- [EXTERNAL_DOWNLOADS]: Depends on the GitHub CLI (gh), a well-known service tool, for authenticated API interactions.
- [PROMPT_INJECTION]: Processes local repository data to generate PR descriptions. 1. Ingestion points: Commits logs, diff stats, and PR templates. 2. Boundary markers: Uses HEREDOC for command construction and requires a mandatory human-in-the-loop approval step. 3. Capability inventory: File reading, network access via git/gh, and branch management. 4. Sanitization: Relies on explicit user review and verification of the drafted content before submission.
Audit Metadata