Skills
skills/vinvcn/mattpocock-skills-zh-cn/github-triage/Gen Agent Trust Hub

github-triage

Pass

Audited by Gen Agent Trust Hub on May 6, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes the gh (GitHub CLI) tool to perform repository management tasks, including listing issues, editing labels, posting comments, and closing issues. It also involves creating and writing to files in the .out-of-scope/ directory.
  • [PROMPT_INJECTION]: The skill contains a surface for indirect prompt injection because it ingests and processes untrusted data from GitHub issue bodies and comments provided by external reporters.
  • Ingestion points: Untrusted content from GitHub issue reports and comments is read into the agent context during the triage workflow in SKILL.md.
  • Boundary markers: The instructions do not define explicit delimiters or instructions for the agent to ignore embedded commands within the ingested text.
  • Capability inventory: The skill has the capability to execute local commands and tests (for bug reproduction), write to the local filesystem, and interact with the GitHub API via the gh tool.
  • Sanitization: No specific sanitization or validation of the externally provided issue content is mentioned before the agent uses it for reproduction attempts or recommendation generation.
Audit Metadata
Risk Level
SAFE
Analyzed
May 6, 2026, 02:23 PM