cmd-fix-internal-requests

Pass

Audited by Gen Agent Trust Hub on Apr 27, 2026

Risk Level: SAFE, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes Git and GitHub CLI (gh) commands to perform repository operations including creating worktrees, branches, and pull requests.
  • [PROMPT_INJECTION]: The skill processes external data (GitHub issue bodies) to guide its code modifications, which introduces a surface for indirect prompt injection.
      ◦ Ingestion points: Issue bodies are fetched via the gh tool or GitHub MCP as untrusted input.
      ◦ Boundary markers: No delimiters are specified to isolate issue content from the agent's core instructions.
      ◦ Capability inventory: The agent can modify source code, execute repository-specific build/test commands, and push code to remote branches.
      ◦ Sanitization: No sanitization or validation of the issue description is performed.
      ◦ Remediation: It is recommended to implement delimiters for external content and provide explicit instructions to the agent to treat issue bodies as data rather than instructions.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Apr 27, 2026, 07:42 AM