Skills
skills/willbooster/agent-skills/github-pr/Gen Agent Trust Hub

github-pr

Pass

Audited by Gen Agent Trust Hub on Mar 24, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the GitHub CLI (gh) and Git to perform repository and pull request operations. Specifically, it executes gh pr create, gh pr checks, gh run view, and gh api graphql to interact with GitHub's services.\n- [PROMPT_INJECTION]: The skill ingests untrusted data from GitHub pull request comments and review threads, representing a potential surface for indirect prompt injection.\n
  • Ingestion points: scripts/github_pr.rb (GraphQL queries THREAD_QUERY and COMMENT_QUERY fetching comment bodies).\n
  • Boundary markers: Absent; no delimiters or instructions are used to distinguish external content.\n
  • Capability inventory: The skill has the ability to create pull requests and post replies via the GitHub API.\n
  • Sanitization: Absent; fetched content is not escaped before being processed by the agent.\n- [SAFE]: No malicious behavior, obfuscation, or data exfiltration attempts were identified. The skill interacts with GitHub, a well-known service, using standard development tools.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 24, 2026, 01:33 AM