Skills
skills/hirokisakabe/issuekit/issue-pick/Gen Agent Trust Hub

issue-pick

Pass

Audited by Gen Agent Trust Hub on May 7, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes the gh (GitHub CLI) tool and grep to fetch issue lists, retrieve issue bodies, and query GitHub's GraphQL API for sub-issue relationships. These commands are used according to standard practices for repository management.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes untrusted data from GitHub issue bodies.
  • Ingestion points: GitHub issue bodies are fetched using gh issue list and gh issue view (SKILL.md, Step 1 and 4).
  • Boundary markers: None identified. The instructions do not define specific delimiters for external content.
  • Capability inventory: Uses subprocess calls to gh and grep (SKILL.md, Step 1, 4). The skill is explicitly read-only and does not perform file-write or external network operations beyond GitHub APIs.
  • Sanitization: None identified. The agent is directed to read the full body content to identify status and blockers.
  • [DATA_EXPOSURE]: The skill reads and processes GitHub issue information. This activity is consistent with the skill's stated purpose and is limited to the data accessible via the user's local GitHub CLI authentication.
Audit Metadata
Risk Level
SAFE
Analyzed
May 7, 2026, 11:28 AM
Security Audit — agent-trust-hub — issue-pick