feature-intake
Pass
Audited by Gen Agent Trust Hub on Jun 20, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes the GitHub CLI (
gh) and Git (git) for managing project state. All destructive or state-changing operations (creating issues, updating project boards) are preceded by status checks and explicitly require a human-in-the-loop approval step before execution. - [EXTERNAL_DOWNLOADS]: No external package installations (npm, pip, etc.) or remote script executions were detected. The skill relies on pre-installed system binaries (
gh,git,rg). - [DATA_EXFILTRATION]: No unauthorized data exfiltration patterns were found. Network operations are limited to the official GitHub API via the
ghCLI for the purpose of repository management, which is consistent with the skill's stated purpose. - [INDIRECT_PROMPT_INJECTION]: The skill processes untrusted data from stakeholders (feature requests). It mitigates injection risks by requiring the agent to draft content for review and using file-based inputs (
--body-file) for CLI commands rather than direct shell interpolation of raw user strings.
Audit Metadata