PR + Commit Workflow Review
Audited by ClawScan on May 10, 2026.
Overview
The skill is coherent for PR and commit workflows, but it tells agents to collect local prompt history and publish it verbatim in PR bodies, which can expose sensitive conversation details.
Use this skill only if you are comfortable with PRs containing agent prompt history. Before installing or invoking it, verify the source, confirm the active GitHub account, and require a manual review/redaction step for the full PR body before it is created or edited.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Finding 1: Private prompts, secrets, internal context, or sensitive project details could be exposed in a PR, including in public repositories.
The skill directs the agent to retrieve local/persistent prompt history and publish it in the PR body. The scope of what history is included is not tightly bounded, and redaction is left to the agent.
Evidence: "Prefer agent history search tools (`cm`/`cass`, Codex logs, etc.) ... Include the full prompt history verbatim; do not omit prompts. If a prompt contains sensitive info, redact only the sensitive portion"
Recommendation: Limit prompt history to the current task, require explicit user review before publishing, redact aggressively, and consider using summaries instead of verbatim prompts.
Finding 2: The agent may create or edit PRs under the user's account as part of the workflow.
The skill instructs the agent to perform GitHub PR mutations. This is purpose-aligned, but it can publish or update repository-visible content.
Evidence: "Use `/tmp` + `gh pr edit --body-file` for updates. Create PR with `gh pr create` if not already open."
Recommendation: Review the branch, PR body, target repository, and visibility before allowing `gh pr create` or `gh pr edit` to run.
Finding 3: Actions may be taken using whichever GitHub account and repository permissions are active locally.
These commands normally use the user's authenticated GitHub CLI session, so the workflow relies on delegated GitHub account authority even though no credential is declared.
Evidence: "gh pr edit --body-file ... gh pr create"
Recommendation: Confirm `gh auth status`, the target repository, and the active branch before using the skill.
Finding 4: A user could install a different or changed remote version if they follow the README instead of the reviewed artifact contents.
The README gives a remote clone instruction rather than a pinned install mechanism. The provided artifact set is small and readable, but provenance should be verified before installation.
Evidence: "Install the PR workflow skill from https://github.com/joshp123/pr-workflow-skill — clone it to wherever I keep skills"
Recommendation: Install from a verified source or pinned commit, and inspect the files before enabling the skill.
