Skills
skills/folio-org/folio-eureka-ai-dev/skill-feedback/Gen Agent Trust Hub

skill-feedback

Pass

Audited by Gen Agent Trust Hub on May 5, 2026

Risk Level: SAFECOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes the GitHub CLI (gh) to automate issue creation on the folio-org/folio-eureka-ai-dev repository. This action is gated by a mandatory user approval step, where the final command, issue title, and Markdown body are displayed for confirmation before any execution occurs.
  • [DATA_EXFILTRATION]: Data is extracted from the current session context to populate feedback reports. The skill minimizes the risk of accidental sensitive data exposure by explicitly instructing the agent to omit secrets, tokens, and private URLs, and by ensuring the user validates the full content before it is transmitted to the external repository.
  • [PROMPT_INJECTION]: Because the skill reads and summarizes the current session transcript (untrusted data), it possesses a surface for indirect prompt injection. This risk is mitigated through instructions to summarize content rather than copy it verbatim and by requiring a user to review and approve the generated draft before submission.
Audit Metadata
Risk Level
SAFE
Analyzed
May 5, 2026, 01:56 PM