to-issues
Pass
Audited by Gen Agent Trust Hub on May 11, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to Indirect Prompt Injection (Category 8).
- Ingestion points: The skill fetches the full body and comments of issues from an external issue tracker (Step 1 in SKILL.md). This content is controlled by external users/attackers.
- Boundary markers: There are no boundary markers or delimiters defined in the instructions to separate the untrusted issue content from the agent's instructions.
- Capability inventory: The agent has the capability to browse the codebase and publish new issues to the project's issue tracker.
- Sanitization: There is no evidence of sanitization or specific instructions to ignore embedded commands within the fetched issue data. An attacker could embed malicious instructions in an issue's comments that the agent might execute when processing the work breakdown.
Audit Metadata