forge-implement-issue
Pass
Audited by Gen Agent Trust Hub on Mar 14, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill exposes a surface for indirect prompt injection by processing untrusted data from external sources.
- Ingestion points: The skill retrieves requirements, acceptance criteria, and comments from GitHub issues using
gh issue view(Step 1). - Boundary markers: The instructions do not include boundary markers or guidance to distinguish between user-provided instructions and data retrieved from the GitHub issue.
- Capability inventory: The agent is granted capabilities to modify the local filesystem, perform git operations (commit, push), and execute project-specific scripts such as tests and code generators (Steps 5, 8, and 9).
- Sanitization: No sanitization, validation, or filtering is applied to the content fetched from GitHub before it influences the agent's planning and implementation phases.
Audit Metadata