feature-issue
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE PROMPT_INJECTION COMMAND_EXECUTION
Full Analysis
- Indirect Prompt Injection (LOW): The skill processes untrusted data from GitHub issues, which could contain malicious instructions designed to influence the agent's behavior during code implementation or environment setup.
- Ingestion points: External issue descriptions retrieved via the `gh issue view` command.
- Boundary markers: Absent. There are no instructions provided to the agent to treat issue content as data or to ignore embedded instructions.
- Capability inventory: The skill allows for git branch creation, file modifications, and running validation/linting diagnostics.
- Sanitization: Absent. No filtering or escaping is performed on the issue content before it is processed for requirements analysis.
- Command Execution (SAFE): The skill utilizes standard command-line tools (`gh`, `git`) which are appropriate for its primary purpose of feature implementation. This use case does not involve elevated privileges or suspicious command patterns.
Audit Metadata