triage-issue
Pass
Audited by Gen Agent Trust Hub on Mar 20, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: The skill implements a dedicated security script (
detect_prompt_injection.py) that proactively scans issue titles, bodies, and comments for malicious injection patterns using a scoring system before any analysis occurs. - [DATA_EXFILTRATION]: No evidence of data exfiltration was found. The skill uses environment variables for Linear credentials (
LINEAR_CLIENT_ID,LINEAR_CLIENT_SECRET) within a Python script to prevent accidental exposure in logs or CLI arguments. Network operations are restricted to known official APIs (GitHub and Linear). - [COMMAND_EXECUTION]: The skill executes local utility scripts and standard tools like
ghandgrep. It includes specific instructions to strip shell metacharacters from issue-derived search terms in Step 3 to prevent command injection. - [EXTERNAL_DOWNLOADS]: All external references are to well-known technology platforms (GitHub API, Linear API) or the vendor's own repositories (
getsentry/sentry-javascript,getsentry/sentry-docs). These are documented as safe vendor operations. - [INDIRECT_PROMPT_INJECTION]: The skill explicitly identifies issue content as untrusted data. It mitigates indirect injection risks by running a mandatory pre-check script and instructing the agent to treat issue content solely as data for classification rather than instructions to follow.
Audit Metadata