prd-to-github-milestone

Pass

Audited by Gen Agent Trust Hub on Mar 18, 2026

Risk Level: SAFE
Findings: COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes local shell scripts (scripts/create_issue.sh, scripts/create_milestone.sh) and the GitHub CLI (gh) to perform repository management actions such as creating issues, labels, and milestones.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it parses content from untrusted PRD files to generate GitHub issues.
  • Ingestion points: Processes markdown content from local files such as docs/PRD.md or tasks/prd-[feature].md.
  • Boundary markers: No specific boundary markers or instructions are used to differentiate PRD content from agent-level instructions.
  • Capability inventory: The skill can create and modify issues, labels, and milestones in a GitHub repository using the gh CLI tool.
  • Sanitization: It uses shell heredocs with quoted delimiters (cat <<'EOF') to safely handle PRD content when creating issue bodies; the quoted delimiter disables parameter expansion and command substitution inside the heredoc, so the PRD content is passed as literal text rather than interpreted by the shell.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 18, 2026, 01:54 AM