dev
Pass
Audited by Gen Agent Trust Hub on Mar 16, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill operates as a high-level orchestrator for developer workflows. Its behavior, including autonomous execution of implementation steps, aligns with its stated purpose of streamlining GitHub issue resolution.
- [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection because it processes untrusted content from GitHub issues.
- Ingestion points: Untrusted data from GitHub issues is ingested through the $ARGUMENTS parameter used in sub-skill calls in SKILL.md.
- Boundary markers: Absent. No explicit delimiters or instructions to ignore embedded commands are used when passing issue references to other skills.
- Capability inventory: The skill has access to high-privilege tools including Bash, Write, Edit, and the ability to trigger other skills (/implement, /plan) as defined in SKILL.md.
- Sanitization: Absent. There is no evidence of input validation or sanitization for the content retrieved from the external issue source.
Audit Metadata