Skills
skills/thedotmack/claude-mem/oh-my-issues/Gen Agent Trust Hub

oh-my-issues

Pass

Audited by Gen Agent Trust Hub on Jun 12, 2026

Risk Level: SAFE
Full Analysis
  • [INDIRECT_PROMPT_INJECTION]: The skill processes untrusted data from GitHub issue bodies and comments, creating an attack surface where malicious input could theoretically influence agent actions during clustering or triage.
  • Ingestion points: The instructions in SKILL.md direct the agent to fetch and read the full body and comment threads of all open issues using gh issue list and gh issue view commands.
  • Boundary markers: The instructions lack explicit delimiters (like XML tags) or specific directives to the agent to ignore instructions embedded within the issue data.
  • Capability inventory: The skill has significant write capabilities on the repository, including gh issue create, gh issue comment, and gh issue close.
  • Sanitization: There are no explicit sanitization or validation steps for the external issue content before the agent processes it.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 12, 2026, 07:57 PM
Security Audit — agent-trust-hub — oh-my-issues