bug-issue
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- Prompt Injection (LOW): The skill is vulnerable to Indirect Prompt Injection through the processing of untrusted GitHub issue data. • Ingestion points: Data is pulled from external GitHub issues via the 'gh issue view' command. • Boundary markers: None. There are no instructions to the agent to treat the issue content as untrusted or to ignore embedded instructions. • Capability inventory: The skill allows the agent to read/write local files and execute diagnostic commands or tests. • Sanitization: No sanitization or validation of the fetched issue content is performed.
- Command Execution (SAFE): The use of the 'gh' CLI and the execution of local tests are consistent with the skill's stated purpose of bug reproduction and fixing.
Audit Metadata