sync-to-copilot
Pass
Audited by Gen Agent Trust Hub on Mar 7, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to execute a local Node.js script located at '.claude/scripts/sync-copilot-workflows.cjs' to generate GitHub Copilot instruction files.
- [INDIRECT_PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface when processing project-specific documentation. Ingestion points: Reads content from 'docs/project-reference/*.md' and 'docs/copilot-registry.json' to extract summaries and headers. Boundary markers: Absent; the enrichment protocol does not define delimiters or specific 'ignore' instructions for the content extracted from external doc files. Capability inventory: Includes execution of shell commands via Node.js and the ability to create or modify files in the repository's '.github' directory. Sanitization: Absent; the skill extracts information like '##' headings and summaries directly from files without verification or escaping, which could allow malicious instructions in source files to influence the AI's behavior or be propagated into the final configuration.
Audit Metadata