team-migration
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses git and gh (GitHub CLI) to retrieve diffs, metadata, and contents from the local repository and GitHub. These are standard operations for a technical migration tool and do not involve unauthorized access or dangerous command constructions.
- [PROMPT_INJECTION]: The skill processes external data from Pull Requests and issues, which constitutes a surface for indirect prompt injection (Category 8).
  - Ingestion points: Data enters the agent context through gh pr view, gh issue view, and git show as specified in the Step 0 section of SKILL.md.
  - Boundary markers: There are no explicit delimiters or instructions to ignore embedded commands within the ingested data before passing it to subagents.
  - Capability inventory: The workflow involves the lead agent using CLI tools and the Task tool to spawn subagents for transformations and plan execution.
  - Sanitization: The skill does not define specific sanitization or filtering logic for the data retrieved from external PRs or issues.
Audit Metadata