snap-slice
Pass
Audited by Gen Agent Trust Hub on May 4, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill's logic is dedicated to task decomposition and project management. No malicious behaviors, obfuscation, or unauthorized data access were found.\n- [COMMAND_EXECUTION]: The skill uses the GitHub CLI (
gh repo view) to retrieve the repository name, which is a standard procedure for generating correct GitHub issue and commit links.\n- [PROMPT_INJECTION]: The skill processes untrusted external data (PRDs, comments, and linked documents), which creates an indirect prompt injection surface.\n - Ingestion points: PRD issue bodies, discussion comments, and referenced documentation in the repository.\n
- Boundary markers: The instructions do not specify the use of delimiters or 'ignore' instructions for the ingested content.\n
- Capability inventory: The skill is capable of creating GitHub issues and posting comments with the analyzed data.\n
- Sanitization: No explicit sanitization of the external input is described; however, the output is restricted to text-based artifacts, posing minimal risk.\n- [DATA_EXFILTRATION]: No unauthorized data transmission or access to sensitive local secrets (such as credentials or environment variables) was identified.
Audit Metadata