Skills
skills/cniska/skills/explore/Gen Agent Trust Hub

explore

Pass

Audited by Gen Agent Trust Hub on Apr 13, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructs the agent to use the gh issue view command to retrieve context for its operations. This involves executing a shell command with arguments that may be influenced by user input.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests and processes content from external GitHub issues.
  • Ingestion points: Untrusted data enters the agent context via gh issue view as specified in SKILL.md.
  • Boundary markers: There are no delimiters or instructions provided to the agent to ignore potentially malicious instructions embedded within the fetched issue content.
  • Capability inventory: The agent has the capability to execute shell commands (gh) and read the local codebase.
  • Sanitization: No sanitization, filtering, or validation is performed on the data retrieved from GitHub before it is processed by the agent.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 13, 2026, 02:37 PM