skills/mindgames/skills/github-issue/Gen Agent Trust Hub

github-issue

Pass

Audited by Gen Agent Trust Hub on Mar 9, 2026

Risk Level: SAFE (COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
  • [COMMAND_EXECUTION]: Uses the GitHub CLI (gh) and shell commands (cat) to create issues and manage temporary files in /tmp.
  • [PROMPT_INJECTION]: Processes untrusted user requirements to generate issue bodies and titles. Evidence chain:
      1. Ingestion: User requirements in SKILL.md.
      2. Boundaries: Uses single-quoted heredoc <<'EOF' to prevent shell expansion in the body.
      3. Capabilities: Executing gh issue create and writing to the filesystem.
      4. Sanitization: Uses --body-file to safely pass structured content, though the --title parameter remains a potential vector for command substitution if user input is not sanitized by the executing agent.
Audit Metadata
  Risk Level: SAFE
  Analyzed: Mar 9, 2026, 10:18 PM