manage-issue
Pass
Audited by Gen Agent Trust Hub on Apr 17, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses the Bash tool for directory and file initialization, specifically executing 'mkdir -p .workflow/issues' and 'touch .workflow/issues/issues.jsonl'.\n- [DATA_EXPOSURE]: Accesses a template file at '~/.maestro/templates/issue.json'. While this involves the user's home directory, it appears to be a tool-specific configuration path rather than a sensitive credential file.\n- [INDIRECT_PROMPT_INJECTION]: The skill ingests and processes data from project files that could contain untrusted input.\n
- Ingestion points: Reads issue records from '.workflow/issues/issues.jsonl' and cross-references from '.task/TASK-*.json'.\n
- Boundary markers: No explicit delimiters or instructions to ignore embedded commands are present in the implementation.\n
- Capability inventory: Employs 'Read', 'Write', and 'Bash' tools for its operations.\n
- Sanitization: No validation or escaping of the ingested data is described before it is displayed or processed.
Audit Metadata