github-issue-dedupe

Pass

Audited by Gen Agent Trust Hub on Feb 22, 2026

Risk Level: SAFE | PROMPT_INJECTION | COMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION] (LOW): Indirect Prompt Injection surface detected. The skill processes untrusted data from external GitHub issues to determine actions.
      • Ingestion points: GitHub issue titles, bodies, and error messages are retrieved via gh issue list and gh issue view (Steps 1 & 3).
      • Boundary markers: Absent. There are no instructions to treat issue content as untrusted data or use delimiters.
      • Capability inventory: gh issue comment (write access to GitHub), gh issue list/view (read access to GitHub).
      • Sanitization: Absent. The skill does not specify escaping or filtering logic for issue content before processing or using it in search queries.
  • [COMMAND_EXECUTION] (SAFE): The skill uses the standard gh (GitHub CLI) tool for its intended purpose. The commands used (list, view, comment) are limited to the scope of issue management and do not involve arbitrary shell execution or system-level changes.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 22, 2026, 02:52 PM