Skills
skills/smallnest/goal-workflow/loop-it/Gen Agent Trust Hub

loop-it

Pass

Audited by Gen Agent Trust Hub on Jun 13, 2026

Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
  • [INDIRECT_PROMPT_INJECTION]: The skill fetches issue titles and bodies from GitHub to determine implementation steps and dependency ordering. This introduces a surface for indirect prompt injection where malicious content in an issue body could attempt to influence the agent's behavior.
  • Ingestion points: Fetches issue data from GitHub via gh issue list (SKILL.md).
  • Boundary markers: None mentioned; the agent parses the raw issue content.
  • Capability inventory: The skill uses git, gh, and cat for repository and issue management (SKILL.md).
  • Sanitization: No explicit sanitization or validation of external issue content is mentioned.
  • [DATA_EXPOSURE_AND_EXFILTRATION]: The skill interacts with GitHub to fetch issues and manage branches. These network operations are directed at a well-known service and are necessary for the skill's stated purpose.
  • Evidence: Uses gh issue list and git ls-remote to interact with GitHub (SKILL.md).
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 13, 2026, 07:58 AM
Security Audit — agent-trust-hub — loop-it