Skills
skills/olshansk/agent-skills/cmd-gh-issue/Gen Agent Trust Hub

cmd-gh-issue

Pass

Audited by Gen Agent Trust Hub on Apr 16, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the gh CLI to create issues by wrapping synthesized conversation content in a bash heredoc. If the conversation content contains the delimiter ISSUE_EOF followed by shell-escape sequences, it could lead to arbitrary command execution within the agent's environment.
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it ingests untrusted data from the conversation history and interpolates it into instructions for shell-based tool usage.
  • Ingestion points: The skill reads the entire conversation context to populate the issue body.
  • Boundary markers: There are no explicit delimiters or instructions provided to the agent to prevent it from following commands or instructions embedded within the conversation data.
  • Capability inventory: The skill is capable of executing arbitrary shell commands via the gh CLI integration.
  • Sanitization: No evidence of sanitization or escaping is present in the instructions to ensure the synthesized content does not interfere with the shell command structure.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 16, 2026, 05:11 PM