start-milestone

Pass

Audited by Gen Agent Trust Hub on Mar 29, 2026

Risk Level: SAFE, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [SAFE]: No security issues detected. The skill facilitates standard project management tasks on GitHub.
  • [COMMAND_EXECUTION]: Executes automation tasks using a local Python script (.claude/skills/gh/scripts/github_project_setup.py) via the uv run command. This behavior is consistent with the skill's primary administrative purpose.
  • [PROMPT_INJECTION]: The skill processes milestone and issue data from GitHub, which could theoretically contain malicious instructions (indirect prompt injection).
    • Ingestion points: Fetches data from external GitHub repositories using mcp__plugin_dh_backlog__backlog_list_milestones and backlog_list_issues (SKILL.md).
    • Boundary markers: Uses template variables like {title} and {number} for reporting and as arguments, but does not include explicit delimiters or instructions to treat this content as untrusted data.
    • Capability inventory: Includes the ability to execute shell commands and modify GitHub repository state via the uv run script (SKILL.md).
    • Sanitization: The skill does not explicitly sanitize milestone names or issue titles before including them in confirmation prompts or script arguments.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 29, 2026, 08:40 AM