Skills
skills/mckinsey/agents-at-scale-ark/ark-issues/Gen Agent Trust Hub

ark-issues

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION] (SAFE): The skill provides templates for using the gh CLI tool to manage issues in the mckinsey/agents-at-scale-ark repository. All actions are consistent with the stated purpose of the skill.\n- [PROMPT_INJECTION] (LOW): The skill exhibits an indirect prompt injection surface by ingesting and processing untrusted data from GitHub issue descriptions and comments.\n
  • Ingestion points: Data is retrieved from GitHub using gh search issues, gh issue list, and gh issue view.\n
  • Boundary markers: Absent; no delimiters or warnings are used to differentiate untrusted issue content from agent instructions.\n
  • Capability inventory: The skill allows for writing operations including gh issue create, gh issue comment, and gh issue edit.\n
  • Sanitization: Absent; the skill does not specify any sanitization or validation of the content retrieved from external GitHub issues.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 17, 2026, 09:14 PM