do-issue
Pass
Audited by Gen Agent Trust Hub on Apr 13, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill retrieves and processes external issue content from GitHub or GitLab, which is then passed to subagents via the Task tool. This creates a surface for indirect prompt injection.
  - Ingestion points: Issue bodies fetched in modules/issue-discovery.md.
  - Boundary markers: None explicitly implemented to isolate external content from instructions.
  - Capability inventory: Subagents can modify the codebase and execute commands.
  - Sanitization: No filtering is performed on issue content before it is used to generate tasks.
- [SAFE]: The skill directs tooling-related feedback to a GitHub repository (github.com/athola/claude-night-market) owned by the author. This is documented as a standard vendor-provided feedback channel.
- [SAFE]: Troubleshooting documentation correctly references official Anthropic documentation and GitHub issues for known tool behaviors.
Audit Metadata