grill-product

Pass

Audited by Gen Agent Trust Hub on Jul 3, 2026

Risk Level: SAFENO_CODECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [NO_CODE]: The skill is comprised entirely of instructional Markdown documents and does not include any executable scripts, binaries, or application code.\n- [COMMAND_EXECUTION]: The instructions direct the agent to use the GitHub CLI (gh) to programmatically fetch issue data and reaction counts for research purposes. These commands are read-only and targeted at public repository metadata.\n- [EXTERNAL_DOWNLOADS]: The skill retrieves external data from public web sources (Reddit, Hacker News, Product Review sites) and the GitHub API to inform its analysis. All sources described are standard public platforms.\n- [PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection as it is designed to ingest and process untrusted user-generated content from the internet.\n
  • Ingestion points: External websites and GitHub issue threads specified in outside-voices.md.\n
  • Boundary markers: None explicitly defined in the instructions to isolate or delimit untrusted data.\n
  • Capability inventory: Access to web search and GitHub CLI tools as outlined in SKILL.md and outside-voices.md.\n
  • Sanitization: Relies on agent-level verification and "vetting" of findings rather than programmatic sanitization of the input text.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 3, 2026, 10:37 PM
Security Audit — agent-trust-hub — grill-product