to-issues
Pass
Audited by Gen Agent Trust Hub on Jun 23, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns, obfuscation, or unauthorized access attempts were detected in the skill instructions. The skill operates within expected bounds for a project management assistant.
- [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection because it processes untrusted data from issue comments and project specifications. However, the risk is mitigated by a mandatory user review phase before any external actions are performed.
- Ingestion points: Plan/spec context and external issue tracker comments (SKILL.md).
- Boundary markers: Not explicitly used to delimit data from instructions.
- Capability inventory: Reading from and writing to project issue trackers.
- Sanitization: No explicit sanitization or filtering of input content identified.
Audit Metadata