outside-to-issue
Pass
Audited by Gen Agent Trust Hub on Apr 8, 2026
Risk Level: SAFE, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes a local shell script `scripts/transform-outside-to-issues.sh` to perform file system operations and data transformation tasks for specific pull requests.
- [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface because it reads and processes external data from markdown files in the `outside/` directory, which are then written to the `issues/` directory. Malicious instructions embedded in these source files could potentially influence the agent when it later interacts with the generated issue files.
  - Ingestion points: Markdown files located in `ai-docs/reviews-pr-<PR>/outside/`.
  - Boundary markers: The documentation does not specify the use of delimiters or instructions to ignore embedded content during the transformation process.
  - Capability inventory: Shell script execution (`scripts/transform-outside-to-issues.sh`) and local file system read/write access.
  - Sanitization: No evidence of sanitization, escaping, or validation of the input file content was found in the skill description.
Audit Metadata