Skills
skills/mattpocock/skills/triage/Gen Agent Trust Hub

triage

Pass

Audited by Gen Agent Trust Hub on Apr 29, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructs the agent to 'run tests or commands' in the 'Reproduce (bugs only)' section of SKILL.md. This involves executing logic derived from untrusted issue reports.
  • [PROMPT_INJECTION]: The skill processes external data (GitHub issue bodies and comments) as specified in 'Triage a specific issue' in SKILL.md. This is an indirect prompt injection surface.
  • Ingestion points: GitHub issue body, comments, reporter, and labels (SKILL.md).
  • Boundary markers: Absent. No specific delimiters or instructions to ignore embedded commands in the processed data are defined.
  • Capability inventory: The agent can read files, write files to the repository (e.g., in '.out-of-scope/'), and execute shell commands or tests.
  • Sanitization: Absent. There is no instruction to validate or sanitize reproduction steps before execution.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 29, 2026, 03:47 PM