cs-issue-fix
Pass
Audited by Gen Agent Trust Hub on May 6, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes local commands including
python codestable/tools/search-yaml.pyand standardgitoperations (status, commit). These are used for searching project history and committing bug fixes, aligned with the stated purpose. - [PROMPT_INJECTION]: The skill processes potentially untrusted data from issue reports and analysis documents which could contain malicious instructions. While the skill mandates user confirmation before execution, the ingestion of external content without explicit boundary markers represents a standard indirect prompt injection surface.
- Ingestion points: Reads
analysisandreportfiles inSKILL.md(Step 2 of the Standard Path). - Boundary markers: None explicitly defined to ignore instructions within the reports, though user confirmation is required before action.
- Capability inventory: File modification, execution of
search-yaml.py, andgit commitas defined inSKILL.md. - Sanitization: No specific sanitization or validation of the input report content is described.
Audit Metadata