backlog
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- Indirect Prompt Injection (LOW): The skill ingests untrusted data from user input and GitHub issue descriptions which could theoretically contain instructions intended to influence the agent.
  - Ingestion points: User-provided `<description>` in the `/backlog add` command and output from `gh issue list`.
  - Boundary markers: Absent; the skill does not wrap interpolated data in specific delimiters or safety instructions.
  - Capability inventory: Subprocess execution of `gh` CLI commands for issue creation and management.
  - Sanitization: Absent; input is passed directly to command-line arguments.
- Command Execution (SAFE): The skill uses `gh issue` commands to perform its primary function. These are standard operations for GitHub repository management and do not involve unauthorized privilege escalation or dangerous shell features.
Audit Metadata