to-issues

Pass

Audited by Gen Agent Trust Hub on Jun 15, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill mentions an external configuration command setup-matt-pocock-skills required for setup and references a local validator script at .agent-skills/skill-standardization/scripts/validate_skill.sh.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection through its primary data processing workflow:
  • Ingestion points: Processes untrusted external data such as "plans, specs, or requirements" (referenced in SKILL.md) to generate ticket descriptions.
  • Boundary markers: There are no explicit delimiters or instructions provided to the agent to ignore or isolate potential commands embedded within the input data.
  • Capability inventory: The skill has access to powerful system tools including Bash, Write, and Edit (listed in allowed-tools).
  • Sanitization: No sanitization, escaping, or validation steps are defined to verify the content of the plans before they are processed by the agent.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 15, 2026, 02:34 AM
Security Audit — agent-trust-hub — to-issues