create-pr
Pass
Audited by Gen Agent Trust Hub on Feb 25, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill manages pull requests using standard Git and GitHub CLI commands (gh), which are official tools for a well-known service.
- [SAFE]: It implements parallel subagents for security auditing (checking for secrets in diffs), test coverage verification, and code quality reviews (linting and type-checking), which are defensive and best-practice behaviors.
- [SAFE]: No evidence of credential exfiltration, obfuscation, or unauthorized remote code execution was found. The skill's operations are transparently defined in the workflow phases.
- [SAFE]: Indirect prompt injection risk is considered safe; while the skill ingests untrusted data from git logs and diffs (ingestion points identified in SKILL.md) to populate PR descriptions, this data is treated as documentation text and does not drive sensitive command execution or bypass agent constraints. The capability inventory is restricted to repository management via Bash and Task tools.
Audit Metadata