moai-core-issue-labels
Pass
Audited by Gen Agent Trust Hub on Mar 2, 2026
Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill requests and utilizes the Bash tool to perform repository management tasks, specifically using the GitHub CLI (gh) to create and configure issue labels as documented in reference.md.
- [PROMPT_INJECTION]: The skill identifies an attack surface for Indirect Prompt Injection (Category 8). It ingests untrusted data from GitHub issue titles and descriptions to perform auto-labeling heuristics.
  - Ingestion points: Untrusted data enters the context via issue titles and bodies during the auto-labeling phase described in SKILL.md.
  - Boundary markers: The provided documentation does not specify the use of delimiters or instructions to ignore embedded commands within the processed issue content.
  - Capability inventory: The skill has access to powerful capabilities including Bash for command execution and WebFetch for network operations.
  - Sanitization: There is no evidence of sanitization or validation logic for the external issue content before it is processed by the agent's logic.
Audit Metadata