to-issues
Pass
Audited by Gen Agent Trust Hub on Jun 21, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill implements a transparent workflow that requires user interaction and approval before creating issues on a project tracker.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it reads and processes external data from issue tracker comments and project specifications. 1. Ingestion points: Issue bodies and comments (SKILL.md), PRDs, and project specs. 2. Boundary markers: No specific delimiters are used to isolate untrusted data. 3. Capability inventory: Reading from the file system and reading/writing to the issue tracker. 4. Sanitization: No programmatic sanitization is evident, but the process is gated by a mandatory user review step which allows for manual inspection of the generated tasks.
Audit Metadata