github-initiative-pulse

Pass

Audited by Gen Agent Trust Hub on Feb 27, 2026

Risk Level: SAFE

PROMPT_INJECTION

Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection due to its processing of external GitHub data.
    • Ingestion points: Untrusted data is ingested from GitHub Project boards, issue titles, and PR descriptions via the tracker.py script as mentioned in SKILL.md.
    • Boundary markers: The markdown templates in modules/github-comment-snippets.md and modules/status-digest.md lack delimiters or instructions to ignore embedded commands in the source data.
    • Capability inventory: The skill can generate markdown comments and trigger auto-labeling on GitHub.
    • Sanitization: There is no documented evidence of input validation or sanitization for the data retrieved from GitHub.

Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Feb 27, 2026, 06:51 PM