feedback

Pass

Audited by Gen Agent Trust Hub on Apr 15, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the Bash tool to perform legitimate diagnostic and reporting tasks. This includes gathering system environment data (OS version, git branch) and interacting with the GitHub CLI (gh) to search for or create issues in the author's official repository (yonatangross/orchestkit).
  • [DATA_EXFILTRATION]: Features that transmit data externally, such as the bug reporting workflow and optional anonymous analytics, are governed by strict security protocols. These include a mandatory opt-in consent model, automated stripping of PII (such as local paths, emails, and credentials), and a final manual confirmation from the user before any information is sent to the author's repository.
  • [PROMPT_INJECTION]: The skill processes untrusted input through user-provided bug descriptions. Potential risks are mitigated by the architecture of the bug reporting workflow, which requires the agent to sanitize all collected context and present a full preview to the user for approval before the network tool is invoked.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Apr 15, 2026, 12:23 PM