grove-issues

Pass

Audited by Gen Agent Trust Hub on Apr 13, 2026

Risk Level: SAFE
Findings: COMMAND_EXECUTION, PROMPT_INJECTION

Full Analysis
  • [COMMAND_EXECUTION]: Employs gh issue list and gh issue create to interact with GitHub repositories. The implementation passes issue bodies through heredocs with a quoted delimiter ('EOF'), a recognized safe practice: the shell then performs no parameter expansion or command substitution on the user-provided content.
  • [PROMPT_INJECTION]: The skill processes untrusted user-provided text (a 'brain dump') to generate issue content.
    ◦ Ingestion points: User input processed via the pipeline in SKILL.md.
    ◦ Boundary markers: Explicit markdown templates for the summary, criteria, and context sections structure the generated content.
    ◦ Capability inventory: GitHub CLI read and write capabilities (gh issue list, gh issue create).
    ◦ Sanitization: Strict imperative-mood guidelines, anti-pattern definitions, and shell heredocs constrain and safely format the agent's output.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Apr 13, 2026, 06:24 PM