create-github-issue
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses several command-line tools including
ls,cat,git, andgh. These are used to discover issue templates, read configuration files, gather local repository context, and interact with the GitHub API. All command usage is transparent and directly related to the skill's stated purpose of managing GitHub issues. - [DATA_EXFILTRATION]: While the skill transmits data to GitHub, it does so through the official GitHub CLI (
gh). This communication is the primary function of the skill and is directed to a well-known, trusted service. No evidence of unauthorized data transmission or access to sensitive local files (like SSH keys or credentials) was found. - [EXTERNAL_DOWNLOADS]: The skill does not perform any external downloads of scripts or packages. It relies on pre-installed tools and local configuration files within the repository's
.github/directory. - [PROMPT_INJECTION]: The instructions use strong language (e.g., "CRITICAL", "MANDATORY") to ensure the agent follows specific templates, but these are instructional constraints to ensure correct formatting rather than attempts to bypass security filters or override system-level safety protocols.
Audit Metadata