cut
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: Uses git and gh commands for repository management, which is the skill's primary purpose. The use of shell heredocs with quoted delimiters is a positive security practice for handling content.
- [DATA_EXPOSURE_AND_EXFILTRATION]: No sensitive data access or external exfiltration was identified. Operations are confined to the user's configured Git environment.
- [PROMPT_INJECTION]: Processes GitHub issue titles for branch and PR naming, presenting a low-risk surface for indirect prompt injection. The skill is designed to handle this data as metadata rather than instructions.
- [EXTERNAL_DOWNLOADS]: No external dependencies or scripts are downloaded or installed during the process.
Audit Metadata