skills/shunsukehayashi/miyabi-claude-plugins/Issue Analysis with Label Inference/Gen Agent Trust Hub
Issue Analysis with Label Inference
Warn
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: MEDIUMPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION] (MEDIUM): Indirect Prompt Injection via Issue Content. The skill's primary function is to ingest and analyze untrusted data from GitHub issues (Title, Body, Comments) as outlined in 'SKILL.md' Step 1. It lacks boundary markers (e.g., delimiters) or specific instructions to the agent to disregard commands found within the processed text, creating a vulnerability where a malicious issue could override agent behavior.
- [COMMAND_EXECUTION] (LOW): Tool Access Risk. The skill uses 'Read', 'Grep', 'Glob', and 'WebFetch'. While these tools are necessary for the stated purpose of repository analysis, they provide an attack surface for file system traversal and network operations that could be exploited if an indirect prompt injection attack is successful.
Audit Metadata