Create Pr. Skip
Security checks across malware telemetry and agentic risk
Overview
This skill gives an agent a structured workflow for creating a GitHub pull request, and its repository-reading and PR-editing actions are disclosed and aligned with that purpose.
Install only if you want an agent to inspect your current branch, summarize code changes, and create or edit a GitHub pull request using your existing `gh` authentication. Review the generated PR title, body, and labels before relying on them, especially for private repositories or sensitive code changes.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
65/65 vendors flagged this skill as clean.