ticket
Pass
Audited by Gen Agent Trust Hub on Feb 24, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses the 'mkdir' command to set up its local file structure, which is a common and safe system operation.
- [PROMPT_INJECTION]: The skill creates a surface for indirect prompt injection by storing user input in markdown files for subsequent agent processing. 1. Ingestion points: User input for ticket details entered during the workflow defined in SKILL.md. 2. Boundary markers: Markdown headers are used as delimiters in the ticket template. 3. Capability inventory: Subprocess call to 'mkdir' and file-write operations defined in SKILL.md. 4. Sanitization: The skill does not perform sanitization on the user-provided text.
Audit Metadata