pickup-issue
Pass
Audited by Gen Agent Trust Hub on Jun 19, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: Employs standard version control (
git) and repository management (gh) CLI tools to manage the development lifecycle, including branching and pull request creation. - [PROMPT_INJECTION]: Processes untrusted data from GitHub issue titles and descriptions, which constitutes a surface for indirect prompt injection.
- Ingestion points: Data is ingested from the output of the
gh issue viewcommand as specified inSKILL.md. - Boundary markers: The skill does not define explicit delimiters to isolate untrusted issue content from the agent's instructions.
- Capability inventory: The skill possesses the ability to manipulate the repository state via
gitandgh, and it invokes secondary skills for implementation and verification. - Sanitization: No explicit sanitization or filtering of the issue content is performed before it is added to the agent's context.
Audit Metadata