pd-github-issues

Pass

Audited by Gen Agent Trust Hub on Mar 10, 2026

Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION, EXTERNAL_DOWNLOADS, NO_CODE
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes a TypeScript script using the npx tsx command to interact with the GitHub API as its primary function.
  • [PROMPT_INJECTION]: The skill has an indirect prompt injection surface as it processes untrusted data from GitHub issues.
      • Ingestion points: Issues are fetched from a repository provided via the --repo argument in the SKILL.md command.
      • Boundary markers: No explicit markers are defined in the skill instructions to separate external data from agent instructions.
      • Capability inventory: The tool is limited to read-only operations for listing and filtering issues; no write or shell execution capabilities are applied to the data content.
      • Sanitization: Content sanitization is not verifiable from the provided file pointers.
  • [EXTERNAL_DOWNLOADS]: The use of npx tsx may result in the download of the tsx package from the npm registry if it is not present in the environment.
  • [NO_CODE]: Several files (package.json, pd-github.ts, pd-proxy.ts) contain relative file path strings pointing to a parent directory (../pd-github) instead of source code, indicating this skill is a modular component or alias of another project.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 10, 2026, 01:32 AM