create-pull-request

Pass

Audited by Gen Agent Trust Hub on Mar 30, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill performs expected software development tasks using official tools. No malicious patterns, obfuscation, or unauthorized data access were found.
  • [COMMAND_EXECUTION]: The skill uses git and gh CLI tools for repository management and pull request creation. These operations are restricted to the local development environment and the user's authenticated GitHub account, which is consistent with the skill's purpose.
  • [PROMPT_INJECTION]: Evaluated for indirect prompt injection potential due to the processing of git logs and diffs.
      • Ingestion points: Git commit messages and file diffs are read from the local repository (SKILL.md).
      • Boundary markers: None explicitly used to wrap the interpolated git data.
      • Capability inventory: Shell execution (git, gh) and local filesystem writes (/tmp/pr-body.md).
      • Sanitization: The skill mitigates command injection by writing the PR body to a temporary file and using the --body-file flag with the gh command, ensuring that potentially malicious content in git logs is not interpreted as shell arguments.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 30, 2026, 02:35 PM