Skills
skills/tanabee/skills/plan/Gen Agent Trust Hub

plan

Pass

Audited by Gen Agent Trust Hub on Mar 9, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection through external GitHub issue content.
  • Ingestion points: Issue content is retrieved via the gh issue view command as specified in SKILL.md.
  • Boundary markers: The prompt does not include markers or instructions to isolate issue content from the agent's instructions.
  • Capability inventory: The skill uses Bash, Write, and Task tools, which provide a significant attack surface if the agent obeys instructions found within an issue.
  • Sanitization: There is no evidence of sanitization or filtering for the data fetched from GitHub.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 9, 2026, 01:47 PM