merge-pr
Facilitates the merging of GitHub pull requests via squash, ensuring a clean and safe integration process.
Install this skill
or
73/100
Security score
The merge-pr skill was audited on Mar 1, 2026 and we found 7 security issues across 2 threat categories. Review the findings below before installing.
Categories Tested
Security Issues
medium line 154
Template literal with variable interpolation in command context
SourceSKILL.md
| 154 | ```sh |
medium line 223
Template literal with variable interpolation in command context
SourceSKILL.md
| 223 | ```sh |
medium line 15
Access to .env file
SourceSKILL.md
| 15 | - If missing, use `.local/prep.env` from the worktree if present. |
medium line 33
Access to .env file
SourceSKILL.md
| 33 | - Read `.local/review.md`, `.local/prep.md`, and `.local/prep.env` in the worktree. Do not skip. |
medium line 70
Access to .env file
SourceSKILL.md
| 70 | - `.local/prep.env` from `/prepare-pr` |
low line 75
Access to .env file
SourceSKILL.md
| 75 | for required in .local/review.md .local/prep.md .local/prep.env; do |
low line 84
Access to .env file
SourceSKILL.md
| 84 | source .local/prep.env |
Scanned on Mar 1, 2026
View Security DashboardInstall this skill with one command
/learn @lalomorales22/merge-pr-v1