Safety Report

Pull Request

Name: Pull Request
Rating: 5 (2 reviews)
Author: ivangdavila

Create high-quality pull requests with pre-submission validation, maintainer-friendly formatting, and automated quality checks.

414Downloads

0Installs

2Stars

2Versions

Workflow Automation3,323 Browser Automation1,737 Git & Version Control784 Code Review200

Security Analysis

high confidence

Clean

This is an instruction-only skill that provides repository- and PR-focused guidance; its requirements and instructions are coherent with the stated goal and it does not request unusual privileges or install anything.

Feb 13, 20265 files

Purpose & Capabilityok

The name/description ('Pull Request' guidance) matches the included files (checklist, red-flags, repo-context, templates). There are no unrelated required env vars, binaries, or config paths; all guidance is appropriate for creating maintainable PRs.

Instruction Scopeok

SKILL.md and the companion files instruct the agent to read repository metadata (CONTRIBUTING.md, CI files, style configs) and to avoid secrets and sensitive paths. The instructions do not direct the agent to collect or transmit data outside the normal PR workflow, nor do they instruct accessing unrelated system files. They explicitly tell the contributor not to include secrets and to disclose AI involvement.

Install Mechanismok

No install spec and no code files — instruction-only skill. Nothing will be written to disk or downloaded during install, so there is no installer-related risk.

Credentialsok

The skill does not request any environment variables, credentials, or config paths. Guidance about repository context is proportionate to the skill's purpose and the files explicitly say not to read secrets (e.g., .env).

Persistence & Privilegeok

The skill is not marked always:true and does not request persistent system presence or modify other skills. It is user-invocable and may be invoked autonomously by the agent (platform default), which is expected for a guidance skill.

Guidance

This skill is a collection of best-practice instructions and templates for authoring PRs and is internally consistent. Before installing or enabling it: 1) Confirm your agent won't be given automatic write/push permissions to repositories you care about (the skill doesn't request credentials, but an agent could be granted repo access separately). 2) Never use the skill to collect or share private secrets or .env contents—its docs explicitly forbid that. 3) If you plan to let the agent act autonomously, decide whether you want any automatic pushes/PR openings enabled and review prompts/logs before sending them to third parties. Otherwise, this skill appears safe and aligned with its stated purpose.

Latest Release

v1.0.1

Add complete skill with AI-assisted PR guidance, rate limiting, and contextual issue policy

More by @ivangdavila

DOCX

18 stars

Market Research

18 stars

Code

14 stars

Excel / XLSX

13 stars

Data Analysis

13 stars

Office

11 stars

Published by @ivangdavila on ClawHub