ito-diagnose

Pass

Audited by Gen Agent Trust Hub on May 13, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes the gh command-line interface to automate the creation of GitHub issues and writes diagnostic results to the local docs/ito-temp/ directory.
  • [EXTERNAL_DOWNLOADS]: It fetches information from external repositories and documentation using specialized tools such as exa, deepwiki, and find-docs to verify library behaviors.
  • [DATA_EXFILTRATION]: Root cause diagnostics and stack traces are transmitted to GitHub's infrastructure when the agent creates issues to track identified problems.
  • [PROMPT_INJECTION]: The skill contains an attack surface for indirect prompt injection because it ingests untrusted user content like error messages and stack traces.
    1. Ingestion points: User-provided error logs and symptom descriptions.
    2. Boundary markers: Absent.
    3. Capability inventory: GitHub issue creation, local file writing, and external search tool access.
    4. Sanitization: Absent.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: May 13, 2026, 06:48 AM