organizing-with-labels
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill automates GitHub repository management tasks by wrapping the GitHub CLI (
gh) within Python scripts (label-operations.pyandmilestone-manager.py). Commands are invoked usingsubprocess.runwith argument lists, which is a secure method that prevents shell injection. - [PROMPT_INJECTION]: The
infer-labelsfunction inlabel-operations.pyreads issue titles and bodies from GitHub to suggest categories. While this processes untrusted external data (Category 8), the logic uses hardcoded keyword heuristics rather than interpreting the data as instructions. Furthermore, any resulting actions require explicit user confirmation, providing a robust human-in-the-loop mitigation.
Audit Metadata