create-pr
Pass
Audited by Gen Agent Trust Hub on Apr 21, 2026
Risk Level: SAFE
Flags: COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes git commands (diff, log, push) and the GitHub CLI (gh pr create) to perform its core functions. These commands are appropriate for the skill's stated purpose and do not attempt to access sensitive system files or credentials.
- [PROMPT_INJECTION]: The skill processes untrusted content from git diffs, representing an indirect prompt injection surface.
  - Ingestion points: git diff and git log outputs are used to provide context for summary generation.
  - Boundary markers: No explicit markers are used to separate the diff content from the agent instructions.
  - Capability inventory: The skill can create pull requests and push code to remote repositories.
  - Sanitization: No sanitization is performed on the diff data before processing.
- [SAFE]: No malicious patterns were identified. The implementation follows standard developer practices and includes shell-safe techniques such as quoted heredocs ('EOF'), which suppress variable and command expansion in the heredoc body and so prevent code injection during command execution.
Audit Metadata