create-milestone

Pass

Audited by Gen Agent Trust Hub on May 10, 2026

Risk Level: SAFE, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes a Python script using the uv tool and interpolates user-provided variables {title}, {description}, and {YYYY-MM-DD} directly into the shell command string. This creates a potential command injection vulnerability if the user provides input containing shell metacharacters.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection by ingesting data from external GitHub milestone lists which is used to influence the agent's logic.
      • Ingestion points: backlog_list_milestones(state="open") in SKILL.md.
      • Boundary markers: None specified to prevent the agent from interpreting instructions contained within existing milestone titles or descriptions.
      • Capability inventory: uv run shell command execution and backlog_create_milestone tool call in SKILL.md.
      • Sanitization: No explicit sanitization or escaping of the external milestone data is performed before processing.
Audit Metadata
Risk Level: SAFE
Analyzed: May 10, 2026, 01:52 PM