to-issues
Pass
Audited by Gen Agent Trust Hub on May 16, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill performs standard developer-focused tasks, such as reading plans and generating issue descriptions. All operations align with the stated purpose of project management automation.
- [PROMPT_INJECTION]: The skill has an indirect prompt injection surface because it processes untrusted external data (plans, specs, or PRDs). This is documented as a potential vector for malicious instructions to influence the issue creation process. However, the design includes a mandatory review step ('Quiz the user') where the AI must present the proposed breakdown for human approval before publishing, effectively mitigating the risk.
- Ingestion points: Reads plan content from conversation context or external issue tracker references in SKILL.md.
- Boundary markers: None explicitly defined for untrusted input text.
- Capability inventory: Codebase exploration, issue tracker reading, and issue tracker writing.
- Sanitization: Relies on human review for validation of generated output.
Audit Metadata