fix-bug
Pass
Audited by Gen Agent Trust Hub on Jun 22, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: The skill contains a surface for indirect prompt injection as it is designed to ingest data from external sources such as GitHub issues and code reproduction sandboxes.
- Ingestion points: The workflow fetches issue details and reproduction code via
gh issue viewandWebFetchfrom GitHub, StackBlitz, and CodeSandbox URLs (SKILL.md). - Boundary markers: The instructions do not specify the use of delimiters to separate untrusted external content from the agent's core instructions.
- Capability inventory: The skill enables the execution of shell commands such as
pnpm test,git, andgh, and allows for file system writes to implement fixes (SKILL.md). - Sanitization: There are no explicit instructions for the agent to sanitize or validate retrieved external content before it is processed.
- [COMMAND_EXECUTION]: The skill utilizes common command-line utilities including
git,pnpm, andghto perform branch management, testing, and issue viewing. These operations are aligned with the skill's primary purpose of providing developer assistance for the officialremix-run/react-routerrepository.
Audit Metadata