Skills
skills/acedatacloud/skills/github/Gen Agent Trust Hub

github

Pass

Audited by Gen Agent Trust Hub on May 6, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection by processing untrusted data from GitHub. \n
  • Ingestion points: Untrusted data enters the context from file SKILL.md through tool outputs like gh issue view, gh pr view, gh search code, and gh api (when reading repository file contents). \n
  • Boundary markers: The instructions do not define delimiters or provide specific directives to the agent to ignore instructions embedded in the fetched GitHub content. \n
  • Capability inventory: The skill has access to the Bash tool and authenticated gh subcommands capable of modifying GitHub resources (e.g., gh issue create, gh pr merge, gh pr review, gh workflow run) using the provided $GH_TOKEN. \n
  • Sanitization: There are no mentioned mechanisms to sanitize, validate, or escape content retrieved from external GitHub sources before the agent processes it.
Audit Metadata
Risk Level
SAFE
Analyzed
May 6, 2026, 12:52 PM