github-ops
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection (Category 8) because it is designed to ingest and process external markdown data.
- Ingestion points: The `scripts/publish_issues.ps1` script reads all markdown files from the `docs/issues` directory to synchronize them with GitHub issues.
- Boundary markers: The skill does not implement delimiters or specific instructions to the agent to ignore or isolate instructions found within the issue file content.
- Capability inventory: The skill has the ability to create, update, and close GitHub issues and modify project board items using the `gh` CLI.
- Sanitization: While the scripts correctly use argument arrays and temporary files to prevent shell command injection, they do not sanitize the natural language content for potential adversarial instructions.
Audit Metadata