implement
Pass
Audited by Gen Agent Trust Hub on Jul 1, 2026
Risk Level: SAFE | PROMPT_INJECTION | COMMAND_EXECUTION | EXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill processes untrusted external data which creates a surface for indirect prompt injection.
  - Ingestion points: The skill reads content from GitHub issues, specification artifacts, proposals, and seed files.
  - Boundary markers: No explicit delimiters or boundary markers are defined to isolate untrusted input from the agent's core instructions.
  - Capability inventory: The skill has the authority to execute git commands and project-defined scripts (e.g., test, lint) based on its interpretation of the input.
  - Sanitization: No explicit validation or filtering of the ingested content is mentioned in the workflow.
- [COMMAND_EXECUTION]: The skill performs shell-based operations for repository management and code validation. It executes git status --porcelain to check for a dirty worktree and uses git add and git commit to manage the codebase. It also runs project-specific standing gates such as linters, formatters, or test suites before committing code.
- [EXTERNAL_DOWNLOADS]: The skill fetches issue content and metadata from GitHub repositories as a core part of its implementation workflow. GitHub is a recognized service required for the skill's functionality.