oss
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION] (SAFE): The skill makes extensive use of
gitandghCLI commands to perform repository operations, including fetching code changes, checking authentication, and submitting data to GitHub. These commands are necessary for the skill's primary functionality. - [DATA_EXPOSURE] (SAFE): The skill reads system information (macOS version via
/System/Library/CoreServices/Setup Assistant.app/Contents/Resources/en.lproj/OSXSoftwareLicense.rtf) and checks login status (gh auth status) to populate environment details in bug reports. These actions do not expose sensitive user secrets or private credentials. - [INDIRECT_PROMPT_INJECTION] (LOW): The skill ingests data from external sources (git commit messages and diffs) to generate PR summaries and titles. This presents a surface for indirect prompt injection if a contributor includes malicious instructions in their code or commit history.
- Ingestion points:
git diff,git log, andgh api(fetching repository templates). - Boundary markers: No specific delimiters are used to wrap ingested content when generating descriptions.
- Capability inventory: The skill can execute GitHub CLI commands to create and edit pull requests and issues.
- Sanitization: No explicit sanitization or filtering of commit messages or code diffs is performed before interpolation into prompts.
Audit Metadata