Skills
skills/bmad-code-org/bmad-method/bmad-os-gh-triage/Gen Agent Trust Hub

bmad-os-gh-triage

Pass

Audited by Gen Agent Trust Hub on Feb 22, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • Prompt Injection (LOW): Detected potential for Indirect Prompt Injection.
  • Ingestion points: Issue titles and bodies are fetched from GitHub via the gh CLI as described in prompts/instructions.md.
  • Boundary markers: The prompt in prompts/agent-prompt.md uses a simple placeholder [Paste the batch of issues here] without robust delimiters or 'ignore' instructions for the data section.
  • Capability inventory: The skill generates gh CLI commands (close, comment, migrate) in its final report based on the AI's analysis of the untrusted data.
  • Sanitization: There is no evidence of sanitization or filtering of issue content before it is passed to the sub-agent for analysis.
  • Command Execution (SAFE): The use of the gh CLI for fetching and managing issues is consistent with the skill's primary stated purpose. There are no signs of arbitrary or malicious command execution.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 22, 2026, 07:51 PM