Skills
skills/feiskyer/claude-code-settings/github-fix-issue/Gen Agent Trust Hub

github-fix-issue

Pass

Audited by Gen Agent Trust Hub on Mar 9, 2026

Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection through external data ingestion.
  • Ingestion points: The workflow fetches issue titles, bodies, and comments using gh issue view <number> (SKILL.md).
  • Boundary markers: The skill does not define delimiters or provide instructions to the agent to ignore potentially malicious directions embedded in issue descriptions.
  • Capability inventory: The skill allows the agent to create branches, modify code, run tests, and open Pull Requests (git checkout, gh pr create).
  • Sanitization: There is no evidence of sanitization or filtering of the fetched issue content before it is used to 'Plan the Fix'.
  • [COMMAND_EXECUTION]: The skill utilizes the GitHub CLI (gh) and git to perform repository operations. While these are legitimate tools, the specific commands (e.g., gh pr create, git checkout) are executed based on plans derived from untrusted issue data.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 9, 2026, 05:54 AM