cs-issue-analyze
Pass
Audited by Gen Agent Trust Hub on May 6, 2026
Risk Level: SAFE PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is subject to indirect prompt injection risks due to its core function of reading and analyzing untrusted external data.
  - Ingestion points: The agent reads user-provided bug reports ({slug}-report.md) and project source code files (via Grep and Glob).
  - Boundary markers: There are no instructions to use delimiters or ignore instructions that might be embedded within the source code or reports.
  - Capability inventory: The skill uses file searching tools and a local script (search-yaml.py) but is explicitly forbidden from modifying code during this phase.
  - Sanitization: No sanitization or validation of the ingested file content is performed.
Audit Metadata