maintainer-review
Pass
Audited by Gen Agent Trust Hub on Jun 24, 2026
Risk Level: SAFE
Full Analysis
- Indirect Prompt Injection Surface: The skill is designed to ingest and analyze external content from GitHub, such as issue reports and pull request comments. While this data could potentially contain malicious instructions, the skill mitigates this risk by requiring the agent to independently verify claims and separate evidence from reported symptoms.
- Gated Runtime Environment: The skill allows for the execution of code through a 'runtime probe' stage. Security is maintained by requiring explicit user approval before execution and by utilizing a separate, regulated capability for the actual runtime work.
- Restricted Capability Scope: The instructions clearly define the boundaries of the skill's authority, explicitly stating that the agent is not authorized to perform remote write operations like posting comments, labeling, or pushing code to branches. This adherence to the principle of least privilege limits the potential impact of accidental or malicious tool usage.
Audit Metadata