skills/mdhb2/aix-skillpack/to-issues/Gen Agent Trust Hub

to-issues

Pass

Audited by Gen Agent Trust Hub on May 16, 2026

Risk Level: SAFE | PROMPT_INJECTION | COMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface as it is designed to ingest and process untrusted data from external issue tracker bodies and comments (Step 1).
      • Ingestion points: External issue tracker content and user-provided plans/specs.
      • Boundary markers: The instructions do not specify any delimiters or safety markers to isolate the untrusted external content from the agent's core instructions.
      • Capability inventory: The agent is authorized to explore the local codebase, write files to the .aix/ directory, and publish new issues to an external tracker.
      • Sanitization: No sanitization or validation logic is defined for the external data being processed.
  • [COMMAND_EXECUTION]: The skill requires the execution of the shell command 'mkdir -p .aix' to prepare the workspace for generated artifacts. This command is a standard filesystem operation used for project organization.
Audit Metadata
Risk Level: SAFE
Analyzed: May 16, 2026, 01:22 AM