fix-issue
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFE, NO_CODE, PROMPT_INJECTION
Full Analysis
- [NO_CODE]: The skill consists entirely of Markdown documentation and does not include any executable scripts, binaries, or logic files.
- [PROMPT_INJECTION]: The skill is designed to process untrusted data from external GitHub issues, creating an attack surface for indirect prompt injection.
  - Ingestion points: Content from GitHub issues (descriptions and comments) fetched based on the provided issue number.
  - Boundary markers: No delimiters or instructions are provided to the agent to treat external content as data rather than instructions.
  - Capability inventory: The skill's description implies the agent will perform code modifications and test executions, which are powerful capabilities that could be abused if malicious instructions are found in an issue.
  - Sanitization: There is no evidence of sanitization or validation of the external issue data before it is processed by the agent.
Audit Metadata