fusion-issue-task-planning
Pass
Audited by Gen Agent Trust Hub on May 5, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: The skill processes untrusted content from GitHub issues (e.g., body, title, acceptance criteria), which constitutes a surface for indirect prompt injection. This risk is mitigated by the skill's design, which requires human oversight and delegates all external actions.
  - Ingestion points: SKILL.md (Step 2) gathers data from external issue references via MCP.
  - Boundary markers: No explicit boundary delimiters are defined for the ingested issue content.
  - Capability inventory: The skill generates local markdown drafts in the .tmp/ directory and delegates mutations to the fusion-issue-authoring skill.
  - Sanitization: No explicit sanitization of external text is mentioned in the instructions.
Audit Metadata