Skills
skills/wghust/stark-skills/issue-search/Gen Agent Trust Hub

issue-search

Pass

Audited by Gen Agent Trust Hub on Mar 13, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill dynamically constructs shell commands using the gh CLI based on user-provided keywords and error messages. If malicious input is provided as a question (e.g., command chaining characters), it could lead to arbitrary command execution within the environment context.
  • [PROMPT_INJECTION]: The skill is vulnerable to Indirect Prompt Injection (Category 8).
  • Ingestion points: Technical terms and error messages extracted from user questions, and issue data retrieved from GitHub search results in SKILL.md.
  • Boundary markers: None. The skill does not use delimiters or instructions to ignore embedded commands in the fetched GitHub issue content.
  • Capability inventory: Executes shell commands via gh CLI and performs network operations via WebFetch as described in SKILL.md.
  • Sanitization: None. User-derived keywords are passed directly to gh issue list --search and WebFetch(url, prompt=...).
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 13, 2026, 04:26 PM