github-pr
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes local shell commands using
gitand the GitHub CLI (gh) to perform repository operations such as branch detection (git branch --show-current), change analysis (git diff), and pull request creation (gh pr create). These operations are essential for the skill's primary functionality. - [SAFE]: The skill references organization-specific resources including a Jira domain (
sellernote.atlassian.net) and a specialized Node.js package (@sellernote/sellernote-nestjs-api-property). These are documented as vendor-owned resources for the 'sellernote' author and do not present a security risk. - [SAFE]: The skill analyzes local file changes, including configuration files like
.env, for the purpose of classifying changes in the PR summary. This data is processed locally to generate the PR body and is not exfiltrated to unauthorized external domains.
Audit Metadata