bug-triage
Pass
Audited by Gen Agent Trust Hub on Apr 8, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill provides an indirect prompt injection surface by processing external bug report files.
- Ingestion points: Bug reports are discovered using glob patterns in production/qa/bugs/ and other project paths.
- Boundary markers: The skill does not define delimiters or explicit instructions to ignore embedded commands within the ingested bug data.
- Capability inventory: The skill is restricted to using Read, Glob, Grep, Write, and Edit tools for local file operations.
- Sanitization: No evidence of validation or sanitization of the content extracted from bug reports is provided.
Audit Metadata