skills/wibaek/skills/github-pr-writer/Gen Agent Trust Hub

github-pr-writer

Pass

Audited by Gen Agent Trust Hub on Mar 30, 2026

Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes git and the GitHub CLI (gh) to interact with the repository. It performs read operations using git status, git log, and git diff, and write operations via gh pr create as defined in SKILL.md.
  • [PROMPT_INJECTION]: The skill has an indirect prompt injection surface as it summarizes content from git history.
      * Ingestion points: Data enters the context from git log and git diff outputs (SKILL.md).
      * Boundary markers: The instructions do not define specific delimiters or instructions to ignore embedded commands in the git output.
      * Capability inventory: The skill can perform writes to the repository using gh pr create (SKILL.md).
      * Sanitization: There is no explicit sanitization step for the content extracted from git history before it is used to build the PR description.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 30, 2026, 02:23 AM