Skills
skills/diegocanepa/agent-skills/vcs-issue-management/Gen Agent Trust Hub

vcs-issue-management

Pass

Audited by Gen Agent Trust Hub on Mar 10, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it reads and processes issue comments from external platforms (GitHub/GitLab) which may contain instructions designed to influence the agent's behavior.
  • Ingestion points: SKILL.md (Workflow step 1: Information Gathering
  • Read the latest comments).
  • Boundary markers: No explicit delimiters or instructions are provided to the agent to treat external comment data as untrusted.
  • Capability inventory: SKILL.md (Tool mapping includes add_issue_comment, update_issue, create_issue_note, and edit_issue).
  • Sanitization: The skill does not perform data sanitization, but it implements a mandatory human-in-the-loop step ('MITM Confirmation' in SKILL.md and references/communication.md) that requires the user to approve all drafted text before execution, providing a strong mitigation against unauthorized actions.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 10, 2026, 02:26 AM