skills/luthersystems/svc/pickup-issue/Gen Agent Trust Hub

pickup-issue

Pass

Audited by Gen Agent Trust Hub on Jun 19, 2026

Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: Employs standard version control (git) and repository management (gh) CLI tools to manage the development lifecycle, including branching and pull request creation.
  • [PROMPT_INJECTION]: Processes untrusted data from GitHub issue titles and descriptions, which constitutes a surface for indirect prompt injection.
  • Ingestion points: Data is ingested from the output of the gh issue view command as specified in SKILL.md.
  • Boundary markers: The skill does not define explicit delimiters to isolate untrusted issue content from the agent's instructions.
  • Capability inventory: The skill possesses the ability to manipulate the repository state via git and gh, and it invokes secondary skills for implementation and verification.
  • Sanitization: No explicit sanitization or filtering of the issue content is performed before it is added to the agent's context.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 19, 2026, 09:39 AM