qa
Pass
Audited by Gen Agent Trust Hub on May 8, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns or security vulnerabilities were detected. The skill uses official tools and follows best practices for bug reporting: it relies on structured templates and focuses on user-facing behavior rather than implementation details.
- [PROMPT_INJECTION]: The skill processes user-provided bug reports, which are then published to GitHub. This constitutes an indirect prompt injection surface, where malicious instructions could potentially be included in user input.
  - Ingestion points: User descriptions of problems within the conversational QA session.
  - Boundary markers: Instructions to use project domain language and specific templates to structure the report.
  - Capability inventory: Capability to file issues via the GitHub CLI.
  - Sanitization: The agent acts as an intermediary, filtering user input into a standardized behavioral report format.