meeting
Pass
Audited by Gen Agent Trust Hub on Apr 10, 2026
Risk Level: SAFE
Full Analysis
- [INDIRECT_PROMPT_INJECTION]: The skill processes untrusted data from external repositories which could theoretically contain malicious instructions.
  - Ingestion points: The skill fetches issue descriptions, comments, and labels from GitLab and GitHub using CLI tools.
  - Boundary markers: External context is interpolated into sub-agent prompt templates without the use of explicit delimiters or instructions to ignore embedded commands.
  - Capability inventory: The skill uses the Agent tool for sub-tasks and has the ability to read/write files and execute git/issue-management commands.
  - Sanitization: Content from external issues is used without pre-processing or validation before being presented to the sub-agents.
- [COMMAND_EXECUTION]: The skill utilizes standard developer tools (glab, gh, git) to perform project management and implementation tasks. These actions are triggered only after explicit user approval, maintaining human-in-the-loop control.
Audit Metadata