pr-description-writer
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The script scripts/analyze_git_commits.py uses subprocess.run to execute git commands like log and diff. This is required for PR analysis. The script uses safe list-style execution and hardcoded branch names to prevent command injection.
- [PROMPT_INJECTION]: The skill processes untrusted data (git commits and diffs), which constitutes an indirect prompt injection surface. An attacker with commit access could embed malicious instructions. Evidence: 1) Ingestion points: git log and diff output in scripts/analyze_git_commits.py. 2) Boundary markers: the script uses simple text headers. 3) Capability inventory: subprocess execution of git. 4) Sanitization: no data sanitization is performed on commit content before it is passed to the agent.
Audit Metadata