respond-to-issue

Pass

Audited by Gen Agent Trust Hub on May 3, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill is scoped to the NVIDIA/Megatron-LM repository, which is consistent with the skill's authorship. It uses standard command-line tools (git, gh) to perform legitimate research tasks such as viewing issues, searching the codebase, and checking commit logs.
  • [SAFE]: A strong security control is implemented through a mandatory human-in-the-loop requirement. The instructions explicitly state that responses must be presented to the maintainer for review and must NOT be posted to GitHub automatically.
  • [SAFE]: The skill processes untrusted data (GitHub issue bodies and comments), which is a surface for indirect prompt injection. However, the risk is mitigated by the following factors:
      - Ingestion points: Data enters the context via the gh issue view command output in SKILL.md.
      - Boundary markers: No explicit delimiters are used to separate issue content from instructions.
      - Capability inventory: The agent can execute git and gh commands and read local repository files.
      - Sanitization: No explicit sanitization is performed on the issue content before it is used in command arguments (e.g., search keywords).
    Despite the lack of explicit sanitization, the narrow scope of the repository and the requirement for manual maintainer approval before any external action is taken keep the risk level at safe.
Audit Metadata
Risk Level: SAFE
Analyzed: May 3, 2026, 07:06 AM