Skills
skills/guillermomurillo/memo-flow/triage/Gen Agent Trust Hub

triage

Pass

Audited by Gen Agent Trust Hub on May 18, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes untrusted data from GitHub issue bodies and comments which could contain instructions to override agent behavior.
  • Ingestion points: SKILL.md (Step 1 of Triage) instructs the agent to read the full issue, including bodies and comments provided by external users.
  • Boundary markers: The skill lacks boundary markers or instructions to treat issue content as data rather than instructions when gathering context or recommending states.
  • Capability inventory: The agent has the ability to write files to the repository (in .out-of-scope/), post comments on GitHub, and modify issue labels/status.
  • Sanitization: No sanitization or filtering of the ingested issue content is mentioned before it is processed by the model.
Audit Metadata
Risk Level
SAFE
Analyzed
May 18, 2026, 03:11 PM
Security Audit — agent-trust-hub — triage