grill-product
Pass
Audited by Gen Agent Trust Hub on Jul 3, 2026
Risk Level: SAFENO_CODECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [NO_CODE]: The skill is comprised entirely of instructional Markdown documents and does not include any executable scripts, binaries, or application code.\n- [COMMAND_EXECUTION]: The instructions direct the agent to use the GitHub CLI (gh) to programmatically fetch issue data and reaction counts for research purposes. These commands are read-only and targeted at public repository metadata.\n- [EXTERNAL_DOWNLOADS]: The skill retrieves external data from public web sources (Reddit, Hacker News, Product Review sites) and the GitHub API to inform its analysis. All sources described are standard public platforms.\n- [PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection as it is designed to ingest and process untrusted user-generated content from the internet.\n
- Ingestion points: External websites and GitHub issue threads specified in outside-voices.md.\n
- Boundary markers: None explicitly defined in the instructions to isolate or delimit untrusted data.\n
- Capability inventory: Access to web search and GitHub CLI tools as outlined in SKILL.md and outside-voices.md.\n
- Sanitization: Relies on agent-level verification and "vetting" of findings rather than programmatic sanitization of the input text.
Audit Metadata