bug-reporting

Pass

Audited by Gen Agent Trust Hub on Apr 16, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface by instructing the agent to ingest external data from automated accessibility tools or manual testing and interpolate it into prompts for filing GitHub issues or sending emails.
  • Ingestion points: Data from automated accessibility tools (JSON) and manual test results described in SKILL.md.
  • Boundary markers: Absent. The provided prompt template for filing GitHub issues (e.g., using [INSERT JSON HERE]) lacks delimiters or instructions for the agent to ignore potentially malicious embedded instructions.
  • Capability inventory: The skill empowers the agent to perform write operations, such as filing GitHub issues and drafting communications to external organizations.
  • Sanitization: There are no explicit requirements or instructions for escaping, validating, or filtering the ingested report content before it is processed by the agent.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 16, 2026, 01:03 AM
Security Audit — agent-trust-hub — bug-reporting