github-issue-repro-and-fix
Pass
Audited by Gen Agent Trust Hub on Jun 28, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection from external data sources.
- Ingestion points: Reads untrusted content from GitHub issue reports, pull requests, and comments using the
ghCLI (SKILL.md). - Boundary markers: Lacks instructions or markers to treat external content as untrusted or to ignore embedded instructions.
- Capability inventory: Executes potentially user-influenced code through
pnpm test,pnpm typecheck, andpnpm lint(SKILL.md). - Sanitization: No evidence of sanitization or filtering of external issue content before it is processed by the agent.
- [COMMAND_EXECUTION]: Employs standard developer tools including
gh,rg, andpnpmto analyze the codebase and verify fixes. These commands are aligned with the skill's intended purpose of repository maintenance.
Audit Metadata