qa
Pass
Audited by Gen Agent Trust Hub on Jun 18, 2026
Risk Level: SAFECOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes the GitHub CLI tool (
gh issue create) to create new issues. This is the core functionality of the skill and is used as intended for issue tracking. - [DATA_EXFILTRATION]: The skill transmits project-related information and user-reported issues to GitHub. The instructions include privacy-focused constraints, such as forbidding the inclusion of file paths, line numbers, or internal implementation details, to ensure that only behavioral descriptions are shared externally.
- [PROMPT_INJECTION]: The skill processes untrusted data from user conversations and potentially malicious content within the codebase (e.g.,
UBIQUITOUS_LANGUAGE.md) which represents an indirect prompt injection surface. - Ingestion points: User chat inputs and project documentation files read during the exploration phase.
- Boundary markers: The skill employs specific Markdown templates to structure the output sent to the GitHub CLI.
- Capability inventory: Execution of the GitHub CLI (
gh) for remote resource creation. - Sanitization: The instructions mandate focusing on user-facing behaviors and project-specific domain language rather than raw code or technical internals.
Audit Metadata