load-issues
Pass
Audited by Gen Agent Trust Hub on Apr 23, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection by processing external data from GitHub issues.
- Ingestion points: Issue data (titles and bodies) retrieved via 'gh issue view' in SKILL.md.
- Boundary markers: Absent. External data is interpolated directly into markdown templates without delimiters or 'ignore' instructions.
- Capability inventory: The skill uses the 'Write' tool to create markdown files and 'Bash' for directory creation.
- Sanitization: Instructions request formatting issue titles to kebab-case for filenames, but no sanitization or escaping is specified for the issue body content before it is written to the filesystem.
Audit Metadata