issue
Pass
Audited by Gen Agent Trust Hub on Apr 9, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses the GitHub CLI (
gh) to perform legitimate actions such as listing issues (gh issue list) and creating new ones (gh issue create). These commands are restricted to the stated purpose of the skill. - [PROMPT_INJECTION]: The skill processes user-provided descriptions to generate issue content. This is a potential surface for indirect prompt injection.
- Ingestion points: User descriptions are ingested during the 'Understand the idea' workflow step in SKILL.md.
- Boundary markers: No explicit delimiter markers are used for user input.
- Capability inventory: The skill has the capability to execute commands via the
ghtool. - Sanitization: No specific sanitization of the input text is mentioned.
- Note: The risk is effectively mitigated by the mandatory rule 'Never create an issue without showing the draft to the user first', ensuring human-in-the-loop verification before execution.
- [SAFE]: No obfuscation, data exfiltration, hardcoded credentials, or unauthorized network activity were detected in the skill instructions.
Audit Metadata