outside-to-issue

Pass

Audited by Gen Agent Trust Hub on May 19, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses a local script scripts/transform-outside-to-issues.sh to automate the transformation of review files. This is a standard project automation task and does not involve arbitrary command execution.
  • [DATA_EXFILTRATION]: The skill reads markdown files from ai-docs/reviews-pr-<PR>/outside/ and writes transformed files to ai-docs/reviews-pr-<PR>/issues/. These file operations are confined to the project's own documentation directories and do not involve unauthorized data access or network transmission.
  • [PROMPT_INJECTION]: The skill ingests markdown content from external review files. While this represents a surface for indirect prompt injection, the skill's logic is limited to structural transformation and metadata preservation, minimizing the risk of the agent being manipulated by the file content.
Audit Metadata
Risk Level
SAFE
Analyzed
May 19, 2026, 11:28 AM
Security Audit — agent-trust-hub — outside-to-issue