triage
Pass
Audited by Gen Agent Trust Hub on Jun 13, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill uses dynamic context injection (!command) to retrieve repository status and label configuration at load time. These operations utilize the 'gh' tool for read-only metadata gathering and are legitimate within the scope of a triage utility.- [SAFE]: The skill's primary function involves reading external data from GitHub issues, which represents a potential indirect prompt injection surface. This risk is inherent to the intended purpose of the tool.
- Ingestion points: Issue titles and bodies fetched via 'gh issue view' in SKILL.md.
- Boundary markers: None.
- Capability inventory: Repository modification (gh issue edit) and codebase traversal (Glob, Grep, Read).
- Sanitization: None.
Audit Metadata