infra-ci-cd-github-actions
Pass
Audited by Gen Agent Trust Hub on Apr 7, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill includes examples of shell commands used within GitHub Actions workflows. A cleanup example in
examples/core.mdusessudo rm -rfon specific system directories (/usr/share/dotnet,/opt/ghc) to free up disk space on ephemeral GitHub runners. This is a common and benign optimization in CI environments. - [EXTERNAL_DOWNLOADS]: The skill references several official GitHub Actions from trusted providers such as GitHub, AWS, and HashiCorp. These include
actions/checkout,aws-actions/configure-aws-credentials, andhashicorp/vault-action. These references are standard for CI/CD workflows and target well-known, trusted repositories. - [DATA_EXFILTRATION]: No patterns of unauthorized data access or exfiltration were detected. The skill provides clear guidance on secure secret management, advocating for OIDC and secrets managers over static credentials.
- [PROMPT_INJECTION]: No evidence of malicious prompt injection or behavior override instructions was found. The instructions focus on enforcing project conventions and security best practices for CI/CD configuration.
Audit Metadata