bug-fix-learning

Pass

Audited by Gen Agent Trust Hub on May 3, 2026

Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is subject to indirect prompt injection risks as it processes untrusted external data from GitHub issues.
      • Ingestion points: The skill retrieves content from GitHub issues via the gh issue view command and reads project files using filesystem tools (SKILL.md).
      • Boundary markers: The instructions do not define clear boundaries or markers to isolate ingested issue content from the agent's instructions, nor do they specify that the agent should ignore commands or instructions embedded in issue bodies.
      • Capability inventory: The agent has access to powerful tools including shell command execution (bash) and filesystem modification (Write, Edit), providing a significant attack surface if an injected instruction is executed.
      • Sanitization: No explicit sanitization or validation logic is defined for the data retrieved from GitHub before it is processed by the agent.
  • [COMMAND_EXECUTION]: The skill utilizes shell commands (bash) and the GitHub CLI (gh) for technical investigations, such as viewing git history, analyzing issues, and running tests. These operations are aligned with the skill's purpose but involve the processing of data from external sources.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: May 3, 2026, 06:06 AM
Security Audit — agent-trust-hub — bug-fix-learning