to-issues

Pass

Audited by Gen Agent Trust Hub on Jun 21, 2026

Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
  • [PROMPT_INJECTION]: Indirect prompt injection surface identified.\n
  • Ingestion points: The skill fetches and reads content, including bodies and comments, from an external issue tracker based on user-provided references (SKILL.md).\n
  • Boundary markers: There are no explicit instructions or delimiters to isolate fetched data or prevent the agent from following commands embedded within it.\n
  • Capability inventory: The agent is authorized to read from and publish new tickets to the project's issue tracker.\n
  • Sanitization: No sanitization or validation logic is defined for the external data being processed.\n- [NO_CODE]: The skill contains no executable scripts or code files and relies entirely on natural language instructions for the AI agent.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 21, 2026, 05:42 AM
Security Audit — agent-trust-hub — to-issues