implement-issue
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection by processing external data from Gitee issues that may contain malicious instructions.
- Ingestion points: Issue titles, descriptions, and comments are retrieved using `get_repo_issue_detail` and `list_issue_comments` as described in `SKILL.md` (Step 1).
- Boundary markers: Absent. The skill does not use delimiters or instructions to treat the issue content as untrusted data.
- Capability inventory: The skill can suggest code implementations, create pull requests (`create_pull`), add comments to issues (`comment_issue`), and modify issue metadata (`update_issue`).
- Sanitization: Absent. There is no evidence of validation or filtering of the content retrieved from the Gitee API before it is used to generate implementation plans or PR descriptions.
Audit Metadata