jaan-issue-report
Pass
Audited by Gen Agent Trust Hub on Feb 26, 2026
Risk Level: SAFECOMMAND_EXECUTIONDATA_EXFILTRATION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes the GitHub CLI (
gh) to create issues and labels on the vendor's repository (parhumm/jaan-to). It also executes system commands such asunameandawkto collect environment metadata and process text for the reports. - [DATA_EXFILTRATION]: Transmits user-provided issue details and environment information to an external GitHub repository. This is the intended primary function of the skill and is mitigated by a mandatory manual approval step (HARD STOP), ensuring the user reviews the finalized and sanitized issue body before any data is sent.
- [DATA_EXPOSURE]: Scans active conversation history to auto-draft reports. While this exposes session data to the agent's context, the skill implements explicit privacy sanitization rules (Step 7) to remove absolute paths, credentials, and personal information before presenting the draft for review.
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface as it ingests untrusted data from the conversation history to generate drafts. However, the mandatory human review requirement and the inclusion of an 'Input Threat Scan' (Step 4.5) provide effective safeguards against the automated execution of instructions embedded in session data.
Audit Metadata