Skills
skills/seabbs/claude-code-config/issue-summary/Gen Agent Trust Hub

issue-summary

Warn

Audited by Gen Agent Trust Hub on Feb 15, 2026

Risk Level: MEDIUMPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
  • PROMPT_INJECTION (MEDIUM): Vulnerable to Indirect Prompt Injection through external data.
  • Ingestion points: The skill retrieves issue descriptions and comments via gh issue view in Phase 1.
  • Boundary markers: Absent. The skill lacks delimiters (e.g., XML tags or triple quotes) to separate the untrusted issue content from the agent's instructions.
  • Capability inventory: The skill utilizes the gh CLI for data retrieval. It does not appear to have write permissions or arbitrary code execution capabilities, which limits the impact of an injection to reasoning/summarization bias.
  • Sanitization: Absent. The external text is processed raw, allowing an attacker to place 'jailbreak' or 'ignore instructions' text within a GitHub comment to manipulate the summary output.
  • COMMAND_EXECUTION (LOW): Uses the gh (GitHub CLI) tool for its intended purpose.
  • The commands gh issue view are legitimate uses of the tool for the skill's described function.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Feb 15, 2026, 10:57 PM