triage-issue
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFE
DATA_EXFILTRATION, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [DATA_EXFILTRATION]: The skill utilizes the `gh` CLI to create issues on GitHub, transmitting data derived from the codebase to an external service. This is a core function of the skill and targets a well-known service.
- [COMMAND_EXECUTION]: The skill runs local commands using the `gh` tool and an exploration agent to analyze the repository and manage issues. These actions are consistent with the skill's stated purpose of triaging bugs.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection by processing untrusted content from the codebase being triaged. Malicious instructions embedded in the code could potentially influence the agent's analysis or the resulting GitHub issue.
  - Ingestion points: The `Agent` tool with `subagent_type=Explore` reads source files, dependencies, and git logs from the repository.
  - Boundary markers: No specific delimiters or instructions are provided to the sub-agent to distinguish between codebase content and operational instructions.
  - Capability inventory: The skill uses an exploration agent to read the filesystem and the `gh` CLI to create issues.
  - Sanitization: The skill does not specify any sanitization or validation of the content extracted from the codebase before it is used to generate the issue.