closing-obsolete-issues
Pass
Audited by Gen Agent Trust Hub on May 10, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: Uses the gh CLI tool to list, view, and close GitHub issues. This behavior is aligned with the skill's stated purpose of repository maintenance.
- [PROMPT_INJECTION]: The skill processes untrusted data from GitHub issue descriptions and comments, presenting a surface for indirect prompt injection.
- Ingestion points: Issue details fetched via gh issue view (SKILL.md).
- Boundary markers: No delimiters or isolation markers are defined for external data.
- Capability inventory: The skill can close issues, post comments, and update reference files (SKILL.md).
- Sanitization: No sanitization is applied to the untrusted issue content before processing.
- Mitigation: The risk is effectively mitigated by the mandatory user approval step required before any issue is closed.
- [PROMPT_INJECTION]: Includes specific behavioral and stylistic constraints, such as the prohibition of em dashes and mandatory closing comment signatures.
Audit Metadata