create-issue
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- Prompt Injection (LOW): Vulnerability to indirect prompt injection through repository context.
  - Ingestion points: Processes 'existing issues, docs, and code' (SKILL.md) and '.github/ISSUE_TEMPLATE/' (rules/template-adherence.md).
  - Boundary markers: Absent; no instructions to isolate untrusted repo content from the system prompt.
  - Capability inventory: mcp__github__issue_write (API write), mcp__github__get_me (user identity access), Bash(gh repo view).
  - Sanitization: Absent; content is interpolated into the workflow without escaping or validation.
- Command Execution (SAFE): The skill uses 'gh repo view' to gather repository information. This is a non-destructive, informational command from the official GitHub CLI.
Audit Metadata