fix-issue
Pass
Audited by Gen Agent Trust Hub on Jun 18, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill handles untrusted data from external GitHub issues and sandbox URLs, creating a surface for indirect prompt injection where malicious instructions could potentially influence the agent.
- Ingestion points: Data is ingested via
gh issue viewandWebFetchof external sandbox URLs (e.g., StackBlitz, CodeSandbox). - Boundary markers: The skill does not define specific delimiters or instructions to ignore embedded commands within the fetched external data.
- Capability inventory: The agent has the capability to write files, manage git branches, and execute code through
pnpm test. - Sanitization: No explicit sanitization or filtering is applied to external code snippets or issue descriptions before they are processed by the agent.
- [COMMAND_EXECUTION]: The skill involves the execution of various shell commands to perform repository maintenance and testing tasks.
- Evidence: The workflow includes executing
git fetch,git branch,pnpm test,pnpm run lint, andgh issue view. These commands are standard for the skill's intended purpose of fixing issues in the Remix monorepo.
Audit Metadata