fix-issue
Pass
Audited by Gen Agent Trust Hub on Feb 20, 2026
Risk Level: SAFE
Full Analysis
- Indirect Prompt Injection (SAFE): The skill ingests untrusted data from GitHub issues and local knowledge files to identify similar past problems, which is a potential attack surface.
  * Ingestion points: Issue titles and descriptions retrieved via `gh issue list` and local project history in `scripts/similar-issue-finder.sh`.
  * Boundary markers: The templates do not currently implement explicit boundary delimiters or instructions to ignore embedded commands in external data.
  * Capability inventory: The skill is authorized to execute git and GitHub CLI commands and modify files to apply fixes.
  * Sanitization: The provided shell script `scripts/similar-issue-finder.sh` uses robust practices, including variable quoting and `set -euo pipefail`, to prevent shell-level command injection.
Audit Metadata