branch-split-and-pr
Pass
Audited by Gen Agent Trust Hub on Feb 19, 2026
Risk Level: SAFE
COMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION] (SAFE): The skill executes standard version control commands through `git` and `gh` (GitHub CLI). These are necessary for the skill's primary function of branch management and PR creation.
  - Evidence: Commands like `git stash`, `git switch`, `git push`, and `gh pr create` are used within structured phases.
- [DATA_EXFILTRATION] (SAFE): Network activity is restricted to pushing code to the repository's configured origin and interacting with GitHub's API for PR creation. No unauthorized data transmission to third-party domains was detected.
  - Evidence: `git push -u origin <branch-name>` and `gh pr create --base develop ...`.
- [INDIRECT_PROMPT_INJECTION] (LOW): The skill ingests untrusted data in the form of repository code changes and user-edited plan templates which could contain malicious instructions.
  - Ingestion points: Current repository changes (diffs/new files) and `assets/plan-template.md`.
  - Boundary markers: Not explicitly implemented in the prompt logic.
  - Capability inventory: Git branch switching, file staging, committing, and remote pushing.
  - Sanitization: None identified; the skill relies on the LLM to follow the template structure correctly.
Audit Metadata