escalate-issues
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill establishes a clear documentation and escalation workflow using markdown templates and local file storage.
- [PROMPT_INJECTION]: The skill processes untrusted data via the
issue_descriptionparameter, creating a surface for indirect prompt injection in the generated reports. - Ingestion points: The
issue_descriptioninput inSKILL.mdis directly interpolated into report files. - Boundary markers: The templates do not use specific delimiters to isolate the description from the rest of the report context.
- Capability inventory: The skill is limited to file system operations via
Read,Write,Edit,Grep, andGlobtools. - Sanitization: No automated sanitization of input strings is performed before they are written to disk.
- [SAFE]: The Python code block provided in the 'Step 3: Determine Routing' section is intended for logical illustration in documentation and is not executed by the agent.
- [SAFE]: References to security-sensitive findings and example credentials (e.g., sk_live_abc123) are used strictly as illustrative examples for reporting purposes.
Audit Metadata