Skills
skills/open-horizon-labs/miranda/oh-join/Gen Agent Trust Hub

oh-join

Pass

Audited by Gen Agent Trust Hub on Jun 18, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes standard GitHub CLI (gh) commands to perform repository management tasks, such as viewing issue details, checking PR status, and merging pull requests. All operations are aligned with the skill's stated purpose of managing multi-dependency issues.
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface as it parses untrusted data from GitHub issue and PR bodies (e.g., 'Depends on:' lines) to drive its merging logic.
  • Ingestion points: Data is ingested from gh issue view and gh pr list outputs in SKILL.md.
  • Boundary markers: No specific delimiters are used to separate user-provided body text from the skill's operational instructions.
  • Capability inventory: The skill has permissions to merge code via gh pr merge and modify issue content via gh issue edit.
  • Sanitization: No explicit sanitization or validation of the ingested text is performed before parsing dependency numbers.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 18, 2026, 05:05 PM
Security Audit — agent-trust-hub — oh-join