oss-hunter
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The script
bin/hunter.pyutilizes the Pythonsubprocessmodule to execute the GitHub CLI (gh). This execution is limited to pre-defined API search queries and issue listing commands. The arguments passed to the shell are programmatically constructed by the script and do not accept arbitrary user input, minimizing the risk of command injection. - [INDIRECT_PROMPT_INJECTION]: The skill possesses an attack surface for indirect prompt injection as it retrieves and processes external content from GitHub (issue titles and descriptions).
- Ingestion points: Data is ingested from the GitHub API via the
gh issue listcommand inbin/hunter.py. - Boundary markers: No specific delimiters are used when displaying the issue data to the user.
- Capability inventory: The skill is restricted to read-only API calls via
ghand printing to standard output. It does not have file-writing, privilege escalation, or arbitrary network capabilities. - Sanitization: While the script does not explicitly sanitize the text of the issue titles, the risk is negligible as the data is only used for display purposes and does not drive subsequent automated logic or tool execution.
Audit Metadata