skills/ansteorra/kmp/github-issues/Gen Agent Trust Hub

github-issues

Fail

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: HIGH (PROMPT_INJECTION)
Full Analysis
  • [PROMPT_INJECTION] (HIGH): Vulnerability to Indirect Prompt Injection through untrusted external data processing.
      • Ingestion points: Data enters the agent context through tools like mcp__github__get_issue, mcp__github__search_issues, and mcp__github__list_issues, which fetch content from GitHub that can be controlled by external actors.
      • Boundary markers: The skill lacks explicit boundary markers or instructions to isolate untrusted data from the system prompt.
      • Capability inventory: The skill has significant write capabilities, including mcp__github__create_issue, mcp__github__update_issue, and mcp__github__add_issue_comment, across both SKILL.md and references/templates.md.
      • Sanitization: No evidence of sanitization or validation of external content is present in the workflow or templates.
Recommendations
  • AI detected serious security threats
Audit Metadata
  • Risk Level: HIGH
  • Analyzed: Feb 17, 2026, 12:16 AM