Skills
skills/arinhubcom/arinhub/ah-verify-requirements-coverage/Gen Agent Trust Hub

ah-verify-requirements-coverage

Pass

Audited by Gen Agent Trust Hub on Mar 12, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes untrusted data from external sources.\n
  • Ingestion points: Fetches issue descriptions and PR bodies using gh issue view (Step 5) and gh pr view (Step 3).\n
  • Boundary markers: The procedure does not specify the use of delimiters or 'ignore' instructions when passing the external content to the LLM for analysis in Step 8.\n
  • Capability inventory: No high-risk capabilities (like file-writing, network POSTs to non-whitelisted domains, or eval usage) were detected; the skill primarily generates a text report.\n
  • Sanitization: The skill does not perform sanitization or filtering on the retrieved GitHub content before processing.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 12, 2026, 02:30 AM