skills/sadiksaifi/skills/snap-ship/Gen Agent Trust Hub

snap-ship

Pass

Audited by Gen Agent Trust Hub on May 4, 2026

Risk Level: SAFE

PROMPT_INJECTION

Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection due to its workflow of ingesting external, untrusted data to generate Pull Request content.
      • Ingestion points: In SKILL.md, the workflow retrieves data from "linked issue body + comments and material parent PRD/epic/breakdown links" during the analysis phase.
      • Boundary markers: The instructions lack explicit boundary markers or directives for the agent to ignore instructions embedded within the fetched external data.
      • Capability inventory: The skill utilizes the GitHub environment to create and update Pull Requests, which involves writing data to the repository's metadata and conversation history.
      • Sanitization: There is no mention of sanitizing or escaping the retrieved content before it is processed by the model to generate the final PR title and body.
Audit Metadata
Risk Level: SAFE
Analyzed: May 4, 2026, 04:55 AM