drupal-issue
Pass
Audited by Gen Agent Trust Hub on Apr 27, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill implements a guided manual workflow that requires the user to manually copy-paste generated content into the drupal.org web interface. This design maintains a strong human-in-the-loop security posture, preventing automated misuse.
- [COMMAND_EXECUTION]: When running in enhanced environments (Tier 2), the skill uses standard system utilities such as
pbcopy,xclip, orwl-copyto copy issue titles to the system clipboard. These are well-known tools used here for a limited, user-assisting purpose. - [EXTERNAL_DOWNLOADS]: The skill directs users to official drupal.org URLs for issue submission. drupal.org is a well-known community platform, and the interaction is limited to opening URLs in the user's authenticated browser session.
- [PROMPT_INJECTION]: The skill processes user-provided bug descriptions and feature requests to populate HTML templates. While this is a form of untrusted data ingestion, the risk is mitigated because the output is intended for manual review and submission by the user to a public forum.
Audit Metadata