github-issues
Pass
Audited by Gen Agent Trust Hub on Jun 13, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill implements security best practices for GitHub automation, including verifying target repositories before mutation and explicitly warning against pasting sensitive data into public issues. All workflows use standard GitHub tools (MCP, gh CLI, REST/GraphQL) for their intended purposes.\n- [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface because it ingests and processes user-controlled content from GitHub issues and comments via tools like
mcp__github__issue_read.\n - Ingestion points: Issue details, comments, and project item values read via MCP tools and GitHub APIs.\n
- Boundary markers: No specific delimiters or "ignore instructions" warnings are defined for ingested external content in the core instructions.\n
- Capability inventory: Extensive issue and project modification capabilities via
mcp__github__issue_write,mcp__github__sub_issue_write, and variousgh apimutations.\n - Sanitization: No explicit sanitization of external issue body content before processing is mentioned. Note: This risk is characteristic of tools managing external data, and the skill includes guidance to prevent unintended disclosure.
Audit Metadata