issue-create
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFE
PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The prompts for content detection, label suggestion, and title extraction in 'references/ai-prompts.md' are susceptible to indirect prompt injection as they interpolate user-provided data without security boundaries.
  * Ingestion points: User-supplied issue title and body content processed in 'SKILL.md' and 'references/ai-prompts.md'.
  * Boundary markers: Absent; the prompts lack delimiters or clear separation between instructions and data.
  * Capability inventory: The skill can execute complex shell commands ('gh', 'git', 'bun') and write to local logs and caches.
  * Sanitization: No evidence of input escaping or validation is present in the provided reference files.
- [COMMAND_EXECUTION]: The skill relies on the 'Bash' tool to interact with the GitHub CLI and local git environment. Risks exist if the 'issue-create.ts' script does not properly escape user-controlled text before it is used in shell command strings.
Audit Metadata