github-issue-creator
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- Command Line Interface Usage: The skill uses the
gh(GitHub) CLI to automate issue creation. This is a standard and expected tool for repository management tasks. - Defensive Data Handling: The instructions specifically mandate writing the issue body to a temporary file and using the
--body-fileflag. This is a recognized security best practice to prevent shell injection or escaping vulnerabilities that can occur when passing complex user-generated strings directly as command-line arguments. - Standard Directory Access: The skill reads templates from the
.github/ISSUE_TEMPLATE/directory. This is restricted to standard project configuration files and does not involve accessing sensitive user data or system configurations. - Input Processing: The skill processes user input to populate issue fields. While this creates a surface for indirect prompt injection (where malicious content could be stored in the issue tracker), the skill's reliance on file-based CLI inputs significantly reduces the risk of direct command execution exploits during the process.
Audit Metadata