Skills
skills/benjaming/ralph-tui-github-tracker/ralph-tui-create-github-issues/Gen Agent Trust Hub

ralph-tui-create-github-issues

Pass

Audited by Gen Agent Trust Hub on Mar 27, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructs the agent to execute various gh (GitHub CLI) commands to create issues, view issue details, and interact with the GitHub GraphQL API.
  • [COMMAND_EXECUTION]: The skill generates a temporary GraphQL mutation file at /tmp/blocked_by.graphql and executes it via the gh api graphql command to avoid shell encoding issues.
  • [PROMPT_INJECTION]: The skill processes untrusted PRD content and interpolates it into shell command bodies, creating a surface for indirect prompt injection.
  • Ingestion points: PRD markdown or text files provided as input (processed in SKILL.md).
  • Boundary markers: The skill explicitly mandates the use of single-quoted HEREDOC delimiters (<<'EOF') to prevent the shell from interpreting content inside the issue body.
  • Capability inventory: GitHub Issue creation, viewing, and GraphQL API interaction via the gh CLI (described in SKILL.md).
  • Sanitization: The instructions provide specific warnings and examples on how to use HEREDOC syntax safely to prevent variable expansion and command substitution.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 27, 2026, 03:55 PM
Security Audit — agent-trust-hub — ralph-tui-create-github-issues