ticket-triage
Pass
Audited by Gen Agent Trust Hub on Mar 28, 2026
Risk Level: SAFE
PROMPT_INJECTION, NO_CODE
Full Analysis
- [PROMPT_INJECTION]: The skill processes untrusted data from external sources (tickets, user stories, and issues), which presents a surface for indirect prompt injection.
  - Ingestion points: The agent fetches ticket content from user prompts, local file paths, or via MCP tools for trackers such as Jira, Linear, and GitHub.
  - Boundary markers: The instructions do not define delimiters or explicit boundary markers to isolate the untrusted ticket content from the evaluation logic.
  - Capability inventory: The skill's capabilities are limited to reading content and generating a text-based assessment. It does not perform file writes, command execution, or network exfiltration.
  - Sanitization: No sanitization or validation of the input text is required or specified before the evaluation process.
- [NO_CODE]: The skill consists entirely of markdown-based instructions and YAML metadata. It does not contain any scripts, binaries, or other executable files.