create-issue
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: The skill processes user-provided text for issue descriptions, which is a common surface for indirect prompt injection. However, the skill mitigates this risk by employing structured templates and a mandatory verification step where the agent must confirm the finalized content with the user before calling the Gitee API.
- [DATA_EXFILTRATION]: No unauthorized data access or exfiltration patterns were detected. The skill only interacts with Gitee through the Gitee MCP server to perform its documented functions (listing repositories and creating issues).
- [REMOTE_CODE_EXECUTION]: No patterns for remote code execution or unauthorized package management were found. The skill suggests using 'mcporter', a developer tool in the Gitee/OSChina ecosystem, for a better CLI experience, but does not automate its installation or execution.
- [COMMAND_EXECUTION]: The skill is restricted to using predefined tools within the Gitee MCP server and does not attempt to execute arbitrary shell commands or escalate privileges.
Audit Metadata