to-issues

Pass

Audited by Gen Agent Trust Hub on May 12, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: Indirect Prompt Injection Surface
      • Ingestion points: The skill fetches full bodies and comments from external issue references (URLs or issue numbers) provided by the user in Step 1.
      • Boundary markers: There are no explicit instructions or delimiters defined to isolate the fetched external content or to warn the agent to ignore any malicious instructions embedded within the issue data.
      • Capability inventory: The skill has the ability to read the local codebase (Step 2) and write new data to the issue tracker (Step 5).
      • Sanitization: There is no mention of sanitizing or validating the content retrieved from the issue tracker before it is used to draft and publish new issues.
Audit Metadata
Risk Level: SAFE
Analyzed: May 12, 2026, 07:26 PM