plan-bug
Pass
Audited by Gen Agent Trust Hub on May 9, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill executes the GitHub CLI (`gh issue create`) to create issues on the remote repository. This operation is the core functionality of the skill and is triggered only upon user confirmation.
- [PROMPT_INJECTION]: The skill processes user-supplied data (bug descriptions, reproduction steps) and interpolates them into a shell command. It effectively mitigates indirect prompt injection risks by:
  - Confirmation Gate: Forcing the agent to display the full draft and wait for explicit user approval before execution.
  - Quoted Heredocs: Using the `cat <<'EOF'` shell pattern, which ensures the issue body is treated as a literal string and prevents the shell from executing any command substitutions or variable expansions contained within the user input.
- [DATA_EXFILTRATION]: Issue data is sent to GitHub repositories identified via `git remote`. This is a standard operation for developer tools and involves a well-known service, presenting no unexpected data exposure risks.