Skills
skills/siyuqian/devpilot/devpilot-issue-triage/Gen Agent Trust Hub

devpilot-issue-triage

Pass

Audited by Gen Agent Trust Hub on May 1, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes the 'gh issue list' command to retrieve issue metadata and comments from GitHub repositories. This is a core part of the triage process and is constrained to read operations.
  • [DATA_EXPOSURE]: The skill reads local project files that are referenced in GitHub issues to perform 'deep-dives' and estimate fix sizes. The results of this analysis are stored locally and are not transmitted externally.
  • [INDIRECT_PROMPT_INJECTION]: The skill ingests untrusted data from GitHub issue titles, bodies, and comments, which could potentially contain malicious instructions aimed at influencing the triage report.
  • Ingestion points: Step 1 (gh issue list) and Step 3 (file reading) in SKILL.md.
  • Boundary markers: The instructions do not define specific delimiters or isolation techniques for the ingested issue content.
  • Capability inventory: The agent can execute 'gh' for data retrieval and read local files. Output capabilities are limited to generating a local markdown report.
  • Sanitization: No explicit sanitization or filtering is applied to the ingested issue data before it is processed by the agent.
Audit Metadata
Risk Level
SAFE
Analyzed
May 1, 2026, 10:35 AM