issue-slice-autopilot
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFE
PROMPT_INJECTION
COMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection through GitHub issue bodies. It reads issue descriptions via `gh issue view` and automatically translates them into implementation tasks and PRs without sanitization.
  * Ingestion points: GitHub issue body via `gh issue view`.
  * Boundary markers: None present.
  * Capability inventory: File system modification, `git` operations, and GitHub issue/PR management via `gh` CLI.
  * Sanitization: None detected.
- [COMMAND_EXECUTION]: The skill executes various system commands and local scripts to manage the development lifecycle.
  * Evidence: Execution of `git`, `gh`, and the local script `./scripts/agents/tooling/agentTool.ts`.
Audit Metadata