feedback
Pass
Audited by Gen Agent Trust Hub on Apr 13, 2026
Risk Level: SAFE
COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses the gh command-line interface to create issues on GitHub.
- [DATA_EXFILTRATION]: User-provided feedback data is transmitted to the modu-ai/cowork-plugins repository on GitHub. This is the intended behavior of the skill and targets the vendor's own repository.
- [PROMPT_INJECTION]: The skill processes untrusted user feedback that is interpolated into shell commands, creating a potential surface for indirect prompt injection.
  - Ingestion points: User input collected for bug reports and feature requests in SKILL.md.
  - Boundary markers: Includes a mandatory human confirmation step ("이슈 미리보기") which requires user approval before the command is executed.
  - Capability inventory: Shell execution of the gh issue create command.
  - Sanitization: No explicit instructions are provided for escaping or sanitizing user-provided strings before they are placed in the command template.
Audit Metadata