github-info
Pass
Audited by Gen Agent Trust Hub on Feb 24, 2026
Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes local Bash scripts and the gh command-line tool to fetch data from GitHub. This behavior is documented and legitimate for a GitHub integration tool using standard utilities.
- [PROMPT_INJECTION]: The skill has an indirect prompt injection surface as it processes external content (bios and descriptions) from GitHub.
  1. Ingestion points: Profile and repository data retrieved via gh api and gh repo list.
  2. Boundary markers: Absent in script outputs.
  3. Capability inventory: Shell script execution and API access.
  4. Sanitization: No evidence of escaping or filtering content from GitHub.