feedback
Pass
Audited by Gen Agent Trust Hub on Apr 15, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes the
Bashtool to interact with theghCLI for bug reporting and to collect environment metadata such as OS version and Git branch information. These operations are scoped to project-specific diagnostic data and user-initiated reports. - [PROMPT_INJECTION]: The bug reporting workflow represents a surface for indirect prompt injection (Category 8) as it processes user-provided descriptions.
- Ingestion points: Collects user-defined issue descriptions via command arguments or interactive
AskUserQuestionprompts. - Boundary markers: The agent uses a quoted heredoc (
'EOF') when constructing bug report bodies for the GitHub CLI, which provides protection against shell injection during variable interpolation. - Capability inventory: The skill uses
Bashfor CLI operations andReadfor accessing local metrics and configuration. - Sanitization: Implements a comprehensive sanitization protocol that strips absolute file paths, emails, and credential-related strings (e.g.,
password,secret,token,key) from the collected context before any external transmission occurs.
Audit Metadata