fusion-issue-author-feature
Pass
Audited by Gen Agent Trust Hub on Mar 29, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is a process-oriented specialist that drafts content locally in a temporary directory (
.tmp/). It explicitly defers all mutation operations (API calls to GitHub) to a separate orchestrator skill,fusion-issue-authoring, reducing the risk of unauthorized actions. - [INDIRECT_PROMPT_INJECTION]: The skill ingests user-provided inputs like 'Feature intent' and 'Scope' to generate drafts. This represents a standard ingestion surface for untrusted data. However, the skill lacks high-risk capabilities such as code execution or direct network access that could be exploited via injection. Following the Adversarial Reasoning Framework, this is a low-risk surface common to drafting tools.
- [NO_CODE]: The skill consists entirely of Markdown documentation and templates. No scripts (Shell, Python, Node.js) are included in the skill package, significantly limiting its attack surface.
Audit Metadata