forge-create-issue

Pass

Audited by Gen Agent Trust Hub on May 4, 2026

Risk Level: SAFE
COMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the gh (GitHub CLI) to create issues and standard shell commands to manage a local plan/ directory. These operations are essential to the skill's function and follow established patterns.
  • [DATA_EXFILTRATION]: The skill communicates with GitHub's servers via the official gh tool to create issues. This is the intended behavior for GitHub integration and does not involve unauthorized data access or exfiltration.
  • [PROMPT_INJECTION]: Indirect prompt injection risk surface identified.
      1. Ingestion point: User input in $ARGUMENTS (SKILL.md).
      2. Boundary markers: Instruction to clarify context and success criteria.
      3. Capability inventory: gh CLI execution and local file writes (SKILL.md, references/plan-folder-spec.md).
      4. Sanitization: Mandatory human-in-the-loop review and approval step before issue creation (SKILL.md Step 6).
  • [SAFE]: The documentation provided in the references/ directory contains legitimate guidance on project management, vertical slicing, and issue classification without any hidden or malicious instructions.
Audit Metadata
Risk Level: SAFE
Analyzed: May 4, 2026, 11:36 AM