Skills
skills/microsoft/windowsappsdk/triage-meeting-prep/Gen Agent Trust Hub

triage-meeting-prep

Pass

Audited by Gen Agent Trust Hub on Jun 19, 2026

Risk Level: SAFE
Full Analysis
  • Processing Untrusted Content: The skill retrieves issue data (titles, bodies, and comments) from GitHub to perform analysis and suggest triage actions.
  • Evidence: Found in Get-IssueDetails.ps1 and Get-TriageIssues.ps1 which fetch content via the GitHub CLI.
  • Context: Because this data originates from external users, it represents an entry point for untrusted content. While standard for triage tools, it is a consideration for indirect prompt injection if an issue were to contain instructions intended to influence the agent's summary or reply generation.
  • Local Script Execution: The skill relies on a suite of PowerShell scripts to interface with the GitHub CLI and manage local state files.
  • Evidence: Multiple scripts located in the scripts/ directory, such as Get-TriageIssues.ps1 and Save-TriageState.ps1.
  • Context: These scripts facilitate the skill's core functionality, such as fetching issues and comparing triage states. They operate within the user's local environment and require the GitHub CLI to be authenticated. This is a common pattern for developer-oriented tools provided by the vendor.
  • Data Management: Triage states and summaries are saved locally in the Generated-Files directory.
  • Evidence: Mentioned in SKILL.md and implemented in Save-TriageState.ps1.
  • Context: This allows for persistent tracking of issues over time. Users should ensure they have appropriate permissions for the directory where the skill is executed.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 19, 2026, 10:45 PM
Security Audit — agent-trust-hub — triage-meeting-prep