issue-create

Pass

Audited by Gen Agent Trust Hub on Apr 4, 2026

Risk Level: SAFE
PROMPT_INJECTION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface because user-controlled issue content is directly interpolated into LLM prompts for classification and label suggestions. Ingestion points occur through the --body and --title arguments. There are no boundary markers or instructions to ignore embedded commands within the prompt templates in references/ai-prompts.md. The skill has the capability to create GitHub issues based on this potentially manipulated output, and no sanitization of the input content is documented.
  • [COMMAND_EXECUTION]: The skill performs repository management using the gh and git CLI tools. It also executes a local TypeScript script via bun and provides detailed instructions for performing browser automation with Playwright to handle image uploads to the GitHub CDN.
  • [EXTERNAL_DOWNLOADS]: Recommends the installation of the official github/gh-models extension to enable AI-powered features.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 4, 2026, 09:51 AM