Skills
skills/l3digital-net/claude-code-plugins/discussions/Gen Agent Trust Hub

discussions

Pass

Audited by Gen Agent Trust Hub on Mar 18, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes gh-manager commands to interact with the GitHub API for listing, commenting on, and closing discussions. These commands use structured flags and parameters derived from repository state.- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it ingests and processes untrusted data from GitHub Discussions.
  • Ingestion points: External content is pulled via gh-manager discussions list in SKILL.md.
  • Boundary markers: The instructions lack specific delimiters or instructions to ignore embedded commands within the discussion text.
  • Capability inventory: The skill has write-access capabilities through gh-manager discussions comment and state-change capabilities via gh-manager discussions close as documented in SKILL.md.
  • Sanitization: No explicit sanitization or filtering of the retrieved discussion content is mentioned before it is processed by the agent.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 18, 2026, 01:36 PM