fix-github-issue
Pass
Audited by Gen Agent Trust Hub on Apr 13, 2026
Risk Level: SAFE
PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill processes untrusted external data from GitHub issue descriptions, creating a surface for indirect prompt injection.
  - Ingestion points: GitHub issue descriptions
  - Boundary markers: Not specified
  - Capability inventory: Shell command execution via yarn, adb, xcrun, and simctl in SKILL.md
  - Sanitization: No explicit validation of issue content is mentioned.
- [PROMPT_INJECTION]: The 'Self-Evolving Instructions' section directs the agent to modify its own skill documentation (SKILL.md and review-and-test skill), which could be manipulated to alter the agent's future behavior.
- [COMMAND_EXECUTION]: The skill employs various standard developer CLI tools (yarn, adb, xcrun, simctl, lsof, kill) to manage the React Native build lifecycle and environment. These commands are consistent with the skill's stated purpose and operate within the project context (fixture/react-native/).
Audit Metadata