milestone
Pass
Audited by Gen Agent Trust Hub on Jul 6, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns or security vulnerabilities were identified. The skill's primary function involves processing data from GitHub issues (descriptions and comments), which presents a theoretical surface for indirect prompt injection. This risk is effectively mitigated by the workflow's explicit instructions to seek user approval before merging pull requests and to stop immediately if an issue's requirements are unclear or if permissions are missing.
- Ingestion points: Issue descriptions, milestone details, and pull request comments fetched via GitHub (SKILL.md).
- Boundary markers: None explicitly defined in the instructions for wrapping issue content.
- Capability inventory: Repository state modification including branch creation, pull request generation (delegated to the task-to-pr tool), and merging (conditional on user permission).
- Sanitization: Relies on the agent's internal logic and mandatory human-in-the-loop checkpoints.
Audit Metadata