implement-issue

Pass

Audited by Gen Agent Trust Hub on Jul 11, 2026

Risk Level: SAFECOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: Executes GitHub (gh) and GitLab (glab) CLI tools to interact with issue trackers and repositories.
  • Mitigates risks by requiring pre-authenticated CLI sessions and explicitly forbidding automatic tool installation or authentication.
  • Implements strict input validation, including the rejection of control characters and malformed URLs, and requires argv-safe argument handling.
  • [DATA_EXFILTRATION]: Manages the retrieval of issue data from external hosts.
  • Explicitly identifies and redacts HTTP(S) userinfo/credentials from URLs before any processing or reporting occurs.
  • Prohibits the use of checkout-derived placeholders in API requests to ensure strict project binding and prevent unauthorized data access.
  • [PROMPT_INJECTION]: Proactively manages the risk of indirect prompt injection from untrusted external data sources (GitHub/GitLab issues).
  • Formally defines issue bodies, comments, and linked pages as "untrusted evidence" rather than authoritative instructions.
  • Commands the agent to ignore any embedded workflow instructions or shell commands found within the processed issue data.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 11, 2026, 05:59 PM