triage-issue
Pass
Audited by Gen Agent Trust Hub on May 4, 2026
Risk Level: SAFE
Tags: COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill requires the agent to generate and execute 'deterministic feedback loops' (scripts, tests, or shell commands) to reproduce reported bugs within the local environment.
- [DATA_EXFILTRATION]: The agent uses the 'gh issue create' tool to publish diagnostic findings to GitHub. The instructions specify that the agent should not ask for user review before creation, though this is tempered by strict guidelines on what data to omit from the report.
- [PROMPT_INJECTION]: The skill is a surface for indirect prompt injection because it processes untrusted bug descriptions provided by users.
- Ingestion points: User-provided problem descriptions are captured in SKILL.md (Step 1).
- Boundary markers: None; the skill does not use specific delimiters or instructions to ignore nested commands within the user's report.
- Capability inventory: The agent can read source code, view git logs, execute reproduction scripts, and post data to GitHub via the 'gh' CLI.
- Sanitization: The skill includes a high-leverage safety instruction directing the agent to omit file paths, line numbers, and implementation details from the final GitHub issue, focusing instead on domain-level behaviors and contracts.
Audit Metadata