github-issue-creator
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE, PROMPT_INJECTION, NO_CODE
Full Analysis
- Indirect Prompt Injection (LOW): The skill processes untrusted external data (error logs, raw notes) to create markdown reports. This surface could be exploited if malicious instructions are embedded within the data provided for processing.
  - Ingestion points: Raw input text (logs, notes, dictation) provided to the skill for transformation.
  - Boundary markers: Absent; the skill lacks specific delimiters to separate untrusted content from system instructions.
  - Capability inventory: The skill writes markdown files to the /issues/ directory. No network, shell, or code execution tools are utilized.
  - Sanitization: The guidelines explicitly instruct the agent to use placeholders for sensitive data (e.g., [USER_ID]), which is a helpful security practice.
- No Code (SAFE): The skill contains only instructional text and markdown templates with no executable scripts or third-party dependencies.
Audit Metadata