Skills
skills/sd0xdev/sd0x-dev-flow/issue-analyze/Gen Agent Trust Hub

issue-analyze

Pass

Audited by Gen Agent Trust Hub on Mar 9, 2026

Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill ingests untrusted content from GitHub issue titles, bodies, and comments using the gh issue view command. This creates a surface for indirect prompt injection where malicious instructions embedded in an issue could attempt to influence the agent's behavior.
  • Ingestion points: GitHub issue content fetched via gh issue view in SKILL.md.
  • Boundary markers: The workflow does not specify markers to isolate external issue content from agent instructions.
  • Capability inventory: Authorized use of git and gh CLI tools via the Bash tool.
  • Sanitization: No explicit sanitization of issue data is performed before processing.
  • [COMMAND_EXECUTION]: The skill utilizes Bash tools restricted to git:* and gh:* commands to retrieve issue data and repository history. This is part of the core functionality but involves executing shell commands based on user-provided issue numbers.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 9, 2026, 06:40 AM