triage

Pass

Audited by Gen Agent Trust Hub on Jun 13, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill uses dynamic context injection (!command) to retrieve repository status and label configuration at load time. These operations utilize the 'gh' tool for read-only metadata gathering and are legitimate within the scope of a triage utility.- [SAFE]: The skill's primary function involves reading external data from GitHub issues, which represents a potential indirect prompt injection surface. This risk is inherent to the intended purpose of the tool.
  • Ingestion points: Issue titles and bodies fetched via 'gh issue view' in SKILL.md.
  • Boundary markers: None.
  • Capability inventory: Repository modification (gh issue edit) and codebase traversal (Glob, Grep, Read).
  • Sanitization: None.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 13, 2026, 01:37 AM
Security Audit — agent-trust-hub — triage