sync-back-merge

Pass

Audited by Gen Agent Trust Hub on Mar 7, 2026

Risk Level: SAFE
PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill handles untrusted content from GitHub Issues via the 'gh issue view' command, creating an attack surface for indirect prompt injection where a malicious submission could attempt to influence the agent's behavior during the review or application process.
      • Ingestion points: External data enters the context from the xu-cell/ai-engineering-init repository issues.
      • Boundary markers: There are no technical delimiters to distinguish external data from internal instructions.
      • Capability inventory: The agent is instructed to use the Edit tool for file modification and execute 'npm run build:skills'.
      • Sanitization: The instructions mitigate risk by mandating a manual review of the diff for security risks.
  • [COMMAND_EXECUTION]: The skill uses 'gh', 'npm', and 'git' CLI tools. These commands are directed at the author's own repository and follow standard development practices for issue management and code synchronization.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 7, 2026, 09:04 AM