github-issue-processing

Pass

Audited by Gen Agent Trust Hub on May 11, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill uses the GitHub CLI (gh) to fetch issue listings and body content from the kongshan001/kanban-framework repository. This communication with a well-known service for the author's own repository is standard for the stated purpose.
  • [PROMPT_INJECTION]: The skill is susceptible to Indirect Prompt Injection (Category 8) because it ingests untrusted data from GitHub issue bodies.
  • Ingestion points: GitHub issue bodies are read via gh issue view in SKILL.md (Step 2).
  • Boundary markers: None identified. The instructions neither wrap the external content in delimiters nor tell the agent to ignore instructions found within it.
  • Capability inventory: The agent can comment on and close issues via gh, write markdown files to .kanban/tasks/, and execute a local task-creation CLI (python -m core.cli.main).
  • Sanitization: No sanitization or validation of the ingested issue body text is described before it is processed for categorization or written to task inbox files.
  • [COMMAND_EXECUTION]: The skill invokes a local Python module (python -m core.cli.main) to create and register Kanban tasks within the local workspace.
Audit Metadata
Risk Level: SAFE
Analyzed: May 11, 2026, 03:07 PM