feedback-session
Pass
Audited by Gen Agent Trust Hub on Apr 21, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill uses `gh` (GitHub CLI) and `git` commands to manage labels, search for issues, and create new feedback entries. These operations are restricted to the intended functionality of the skill.
- [DYNAMIC_CONTEXT_INJECTION]: Employs the `!command` syntax to execute `git remote -v` and `gh issue list` at load time. This behavior is used to gather repository and issue context necessary for the skill's execution.
- [DATA_EXFILTRATION]: While the skill sends data to GitHub by creating issues, it mitigates exfiltration risks by requiring the user to review and approve all findings via a multi-select prompt (`AskUserQuestion`) before any network requests are made.
- [INDIRECT_PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes untrusted conversation history to generate feedback summaries and search queries.
  - Ingestion points: Step 2 analyzes the entire conversation history for feedback signals.
  - Boundary markers: None explicitly defined in the prompt instructions for the extraction phase.
  - Capability inventory: The skill can create GitHub issues and labels (`gh issue create`, `gh label create`) and perform git queries.
  - Sanitization: The skill relies on the agent's internal reasoning to filter findings, but does not provide specific sanitization instructions for the resulting issue titles or bodies.
Audit Metadata