triage-issue

Pass

Audited by Gen Agent Trust Hub on Apr 19, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [INDIRECT_PROMPT_INJECTION]: The skill processes untrusted data from GitHub issue bodies and comments via the gh issue view command. Malicious actors could embed instructions within issues to influence the agent's analysis or actions (such as closing legitimate issues or applying incorrect labels).
      • Ingestion points: Issue content and comments fetched via gh issue view <number> --repo kube-hetzner/terraform-hcloud-kube-hetzner --comments in SKILL.md.
      • Boundary markers: Absent. The skill does not use explicit delimiters or instructions to ignore embedded commands when processing the fetched text.
      • Capability inventory: The skill has the ability to modify GitHub state using gh issue edit, gh issue close, and gh issue transfer.
      • Sanitization: Absent. There is no evidence of sanitization or filtering of the external content before it is analyzed by the agent.
Audit Metadata
  Risk Level: SAFE
  Analyzed: Apr 19, 2026, 11:51 PM