ai-bug-triage

Pass

Audited by Gen Agent Trust Hub on Apr 1, 2026

Risk Level: SAFE | PROMPT_INJECTION | COMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill ingests potentially untrusted data from CI logs and error reports (SKILL.md), which is then interpolated into LLM prompts for classification and ticket generation. The provided prompt templates have no explicit boundary markers around that data and no sanitization against prompt injection, so they present an indirect prompt injection surface. This risk is mitigated by the mandatory Step 7, which requires human approval before creating or merging any tickets. The capability inventory includes subprocess calls to the GitHub CLI and execution of local scripts such as 'scripts/extract-failures.js'.
  • [COMMAND_EXECUTION]: The skill utilizes shell commands, specifically the GitHub CLI ('gh issue create') and local Node.js scripts, to automate the ticket creation process and extract failures from test reports based on data processed by the LLM pipeline.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 1, 2026, 07:32 AM