research
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
PROMPT_INJECTION, EXTERNAL_DOWNLOADS
Full Analysis
- [Prompt Injection] (LOW): Indirect Prompt Injection surface.
  1. Ingestion points: The skill ingests untrusted data from GitHub search results and local error messages.
  2. Boundary markers: Absent; data is directly interpolated into natural language prompts for AI synthesis.
  3. Capability inventory: Uses 'gh' and 'gemini' CLI tools for external interaction.
  4. Sanitization: Absent; no evidence of content escaping or validation.
- [External Downloads] (LOW): Recommends installation of 'google-generativeai' via pip. This is a trusted dependency from the 'google' organization.
Audit Metadata