skills/jeremylongshore/claude-code-plugins-plus-skills/creating-github-issues-from-web-research/Gen Agent Trust Hub
creating-github-issues-from-web-research
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection through its core functionality.\n
- Ingestion points: External data is fetched using
WebSearchandWebFetchas described inSKILL.mdandassets/example_search_results.json.\n - Boundary markers: There are no explicit instructions or delimiters in the prompt templates to ensure the agent disregards instructions found within the fetched web content.\n
- Capability inventory: The skill possesses write capabilities to GitHub repositories using an API token, enabling an attacker to potentially influence the content, labels, or metadata of issues created via injected content.\n
- Sanitization: While the
assets/config_template.jsonmentionssanitize_html, this is insufficient to prevent natural language instructions from influencing the LLM's behavior.\n- [PROMPT_INJECTION]: The skill includes deceptive trigger phrases inSKILL.md('commit', 'branch', 'git') that are common to standard version control workflows. These broad triggers may cause the skill to be suggested or activated in contexts unrelated to its intended purpose of research and issue creation.
Audit Metadata