Skills
skills/ruvnet/ruflo/agent-issue-tracker/Gen Agent Trust Hub

agent-issue-tracker

Pass

Audited by Gen Agent Trust Hub on Mar 1, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the Bash tool and shell hooks (pre and post) to interact with the GitHub CLI (gh). These commands check authentication status and manage issues within the user's repositories (e.g., ruv-FANN). This execution is a primary function of the skill.
  • [PROMPT_INJECTION]: The skill processes untrusted data from GitHub issues and comments, creating a surface for indirect prompt injection.
  • Ingestion points: Data retrieved from external repositories via mcp__github__list_issues, mcp__github__get_issue, and mcp__github__search_issues as described in the Usage Patterns.
  • Boundary markers: Not explicitly defined; the skill interpolates external content directly into task descriptions and comments without visible delimiters.
  • Capability inventory: The agent possesses Bash, TodoWrite, Read, and Write tools, which could potentially be triggered by instructions embedded in external content.
  • Sanitization: No explicit content validation or sanitization logic is present in the skill instructions.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 1, 2026, 04:32 PM