Skills
skills/sadiksaifi/skills/snap-plan/Gen Agent Trust Hub

snap-plan

Pass

Audited by Gen Agent Trust Hub on Mar 29, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection because it fetches and processes content from external GitHub issues which are under the control of potentially untrusted users.
  • Ingestion points: The command gh issue view <number> in SKILL.md imports external issue data into the agent's active context.
  • Boundary markers: Absent. The instructions do not specify any delimiters or safety warnings to ignore instructions embedded within the fetched issue content.
  • Capability inventory: The agent uses gh issue view (read), performs codebase exploration (read), and uses gh issue comment (write). An attacker could potentially influence how the agent explores the code or what it posts in the final comment.
  • Sanitization: Absent. There are no steps to sanitize or validate the issue content before the agent uses it to generate the implementation plan.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 29, 2026, 07:55 AM