skills/rshade/agent-skills/roadmap/Gen Agent Trust Hub

roadmap

Pass

Audited by Gen Agent Trust Hub on Apr 22, 2026

Risk Level: SAFE
PROMPT_INJECTION
COMMAND_EXECUTION
Full Analysis
  • [SAFE]: No obfuscation techniques, hardcoded credentials, or data exfiltration behaviors were detected. All external communication is routed through the official GitHub CLI.
  • [COMMAND_EXECUTION]: The skill uses the official GitHub CLI (gh) to perform legitimate repository management tasks such as fetching issues, managing milestones, and updating labels. These commands are integral to the stated purpose of the skill.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests and processes untrusted data from GitHub issues.
      • Ingestion points: Fetches untrusted issue titles and bodies via gh issue list and gh api in references/sync.md, references/generate.md, and references/status.md.
      • Boundary markers: While it uses CONTEXT.md to define project boundaries, it lacks explicit delimiters (such as XML tags or Markdown code blocks) to isolate untrusted external content from agent instructions.
      • Capability inventory: The skill possesses file-write capabilities for ROADMAP.md and CONTEXT.md and can modify GitHub issue metadata via gh issue edit and gh label create.
      • Sanitization: The instructions recommend running markdownlint after file modifications, which handles structural formatting but does not provide semantic sanitization or filtering of instructions embedded within issue content.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 22, 2026, 09:59 AM