ticket-triage
Pass
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [NO_CODE]: The skill is composed entirely of markdown instructions and YAML metadata, containing no executable scripts or binary files.
- [PROMPT_INJECTION]: The skill processes untrusted data from tickets, representing an indirect prompt injection surface.
- Ingestion points: Ticket content provided in prompts, local file paths, and external issues fetched from Jira, Linear, or GitHub.
- Boundary markers: None; the instructions do not include delimiters or specific warnings to the agent to ignore instructions embedded within the ticket content.
- Capability inventory: Reading local files and using MCP tools to fetch data from external issue trackers.
- Sanitization: None; external content is processed as-is for evaluation.
Audit Metadata