github-issue-tracker
Pass
Audited by Gen Agent Trust Hub on Feb 21, 2026
Risk Level: SAFE
Full Analysis
- Category 8: Indirect Prompt Injection (SAFE): The skill ingests untrusted data from GitHub issues and comments through 'gh issue list' and 'gh issue view' commands. While this presents a vulnerability surface common to all tools processing external input, it is a necessary component of the skill's primary function and no exploitable patterns or missing sanitization behaviors were identified in the templates.
- Category 4: Unverifiable Dependencies & Remote Code Execution (SAFE): No external dependencies are installed via package managers, and no remote scripts are downloaded or executed via curl or bash. The use of 'Bash' is restricted to the pre-installed GitHub CLI.
- Category 5: Privilege Escalation (SAFE): The skill does not use 'sudo' or attempt to modify system-level permissions or configurations.
- Category 2: Data Exposure & Exfiltration (SAFE): Repository access is managed via the authenticated 'gh' CLI. No credentials (API keys or tokens) are hardcoded, and no sensitive local files (such as SSH keys or env files) are targeted.