planning
Pass
Audited by Gen Agent Trust Hub on Feb 24, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill uses the GitHub CLI to retrieve issue information. Evidence: The workflow includes running 'gh sub-issue list' to gather issue data.
- [PROMPT_INJECTION]: The skill processes external data from GitHub issues, creating a surface for indirect prompt injection.
  1. Ingestion points: Reads issue titles and bodies from GitHub.
  2. Boundary markers: No delimiters are specified to separate external content.
  3. Capability inventory: Limited to reading issue data and writing local files.
  4. Sanitization: Issue content is incorporated into generated plans without specific validation or filtering.
Audit Metadata