ralph-github-create-issues
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION] (SAFE): The skill uses the GitHub CLI (`gh`) to manage issues and labels. These operations are restricted to the current repository and follow standard development workflows.
- [PROMPT_INJECTION] (LOW): The skill processes untrusted content from local markdown files, which represents a potential vector for indirect prompt injection.
  - Ingestion points: Markdown files in `.claude/plans/`, `plans/`, or `prds/`.
  - Boundary markers: Uses single-quoted bash heredocs (`<<'EOF'`) to mitigate command injection during issue creation, but provides no natural language constraints for the processed content.
  - Capability inventory: Read/write/delete access on the filesystem and network interaction with the GitHub API.
  - Sanitization: No explicit sanitization or validation of the ingested markdown content is performed.