github-issues

Pass

Audited by Gen Agent Trust Hub on Mar 2, 2026

Risk Level: SAFE
PROMPT_INJECTION, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface because it retrieves and displays content from GitHub issues, which are external and untrusted sources.
      • Ingestion points: Issue content is ingested through gh issue view and web retrieval tools like WebFetch.
      • Boundary markers: No specific delimiters or instructions are present to isolate retrieved content from system instructions.
      • Capability inventory: The skill uses the Bash tool, allowing for significant command execution if the agent is manipulated.
      • Sanitization: No sanitization of the retrieved issue data is described.
  • [EXTERNAL_DOWNLOADS]: The documentation includes standard instructions to download the GitHub CLI and its official keys from trusted sources.
      • Evidence: references/gh-cli-guide.md details how to download the GitHub CLI keyring from cli.github.com and install the package via system managers.
  • [COMMAND_EXECUTION]: The skill instructs the agent to execute shell commands for issue search and provides installation steps requiring administrative access.
      • Evidence: SKILL.md and references/gh-cli-guide.md demonstrate the use of the Bash tool for API interaction and package installation using sudo.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 2, 2026, 05:08 AM