creating-pull-requests
Pass
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: SAFE
COMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes standard version control commands (git log, git diff, git branch) and the GitHub CLI (gh pr create) to automate the pull request process. These commands are used for their intended purposes.
- [PROMPT_INJECTION]: The skill processes untrusted data from git logs and code diffs to generate PR descriptions, which constitutes a surface for indirect prompt injection. This is a functional requirement for the skill and is handled within the scope of PR drafting.
  - Ingestion points: Git commit history and diff output (SKILL.md).
  - Boundary markers: The skill employs Markdown templates (## Why, ## Approach) but does not include explicit delimiters to isolate ingested content or instructions to ignore embedded commands.
  - Capability inventory: The agent can execute git and GitHub CLI commands.
  - Sanitization: No sanitization or validation of the commit history or diff content is performed before it is formatted into the pull request body.
Audit Metadata