Skills
skills/andrewvaughan/agent-council/hotfix/Gen Agent Trust Hub

hotfix

Pass

Audited by Gen Agent Trust Hub on Mar 20, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill processes untrusted data from external GitHub issues which could contain instructions intended to manipulate the agent's behavior.
  • Ingestion points: GitHub issue titles and descriptions fetched via gh issue view in SKILL.md.
  • Boundary markers: None; the external content is integrated into the agent's context without clear delimiters or instructions to disregard embedded commands.
  • Capability inventory: The skill has broad capabilities including file modification (applying fixes), shell command execution (pnpm, git), and PR creation (gh pr create).
  • Sanitization: No validation or sanitization is performed on the data retrieved from GitHub before it is processed.
  • [COMMAND_EXECUTION]: The skill makes extensive use of system commands to perform development tasks.
  • Evidence: Executes git checkout, git pull, pnpm test, pnpm lint, gh pr create, and gh run watch in SKILL.md to manage the codebase and CI/CD status.
  • [EXTERNAL_DOWNLOADS]: The skill performs network operations to sync with remote repositories and services.
  • Evidence: Uses git fetch, git push, and various gh (GitHub CLI) commands to interact with the GitHub platform. These interactions are directed at a well-known service (GitHub).
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 20, 2026, 09:14 PM