issue-intelligence-analyst

Pass

Audited by Gen Agent Trust Hub on Apr 4, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the git and gh (GitHub CLI) tools to retrieve repository information, labels, and issue data. These are standard operations for its stated purpose and are executed with explicit parameters to prevent unexpected behavior.
  • [EXTERNAL_DOWNLOADS]: Fetches issue content and metadata from GitHub repositories using the official gh CLI. This involves interacting with external data on a well-known service, which is the primary and expected function of the tool.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it ingests and processes untrusted data from GitHub issues.
      • Ingestion points: GitHub issue titles and bodies are fetched and analyzed (referenced in SKILL.md).
      • Boundary markers: The instructions do not specify any delimiters or warnings for the agent to ignore embedded instructions within the fetched issue content.
      • Capability inventory: The skill uses git and gh CLI commands to list and view repository data, and utilizes platform tools like Glob and Grep for file exploration.
      • Sanitization: No sanitization or escaping of the fetched issue content is described before the agent processes it for thematic clustering.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Apr 4, 2026, 01:31 AM