Skills
skills/zenmux/skills/zenmux-feedback/Gen Agent Trust Hub

zenmux-feedback

Pass

Audited by Gen Agent Trust Hub on Apr 3, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes shell commands and local bash scripts to check environment prerequisites, fetch repository labels, and manage documentation references. It specifically utilizes the gh (GitHub CLI) for these operations.
  • [EXTERNAL_DOWNLOADS]: The update-references.sh script performs a git clone or git pull from the vendor's official documentation repository (https://github.com/ZenMux/zenmux-doc.git) to ensure the agent uses current issue templates.
  • [DATA_EXFILTRATION]: The skill transmits user-generated feedback and bug reports to the external GitHub repository ZenMux/zenmux-doc. This behavior is expected and aligns with the stated purpose of the skill.
  • [PROMPT_INJECTION]: The skill is designed to ingest and follow instructions from external YAML files found within the cloned repository's issue templates.
  • Ingestion points: Files located at skills/zenmux-feedback/references/zenmux-doc/.github/ISSUE_TEMPLATE/*.yml.
  • Boundary markers: None; the skill explicitly treats these remote files as the "source of truth" for its operation.
  • Capability inventory: The agent has the ability to execute shell commands and interact with the GitHub API via the gh tool.
  • Sanitization: There is no verification or sanitization of the remote template content before the agent adopts its instructions.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 3, 2026, 08:15 AM
Security Audit — agent-trust-hub — zenmux-feedback