draft-issue
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- Prompt Injection (SAFE): No direct malicious instructions or safety bypass attempts were detected within the skill instructions.
- Indirect Prompt Injection (LOW): The skill processes untrusted data by reading files from the local codebase, which could contain instructions designed to manipulate the agent's output.
- Ingestion points: Local file system via file search and read operations defined in
SKILL.md. - Boundary markers: Not explicitly defined in the instructions for the agent when processing file content.
- Capability inventory: Execution of the
gh issue createcommand. - Sanitization: No explicit sanitization of file content is performed, though the workflow requires explicit user approval before the final command execution, providing a strong mitigation.
- Command Execution (SAFE): The skill utilizes the
ghCLI to create issues. This is consistent with the skill's stated purpose, and the requirement for user approval before execution prevents unauthorized command runs. - Data Exposure & Exfiltration (SAFE): File access is limited to the purpose of researching the codebase for issue drafting. No unauthorized network requests or data exfiltration patterns were identified.
Audit Metadata