Skills
skills/arize-ai/phoenix/phoenix-github/Gen Agent Trust Hub

phoenix-github

Pass

Audited by Gen Agent Trust Hub on Mar 21, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill provides standard gh CLI commands to manage issues and project boards. These operations are restricted to the Arize-ai/phoenix repository and are consistent with the skill's documented purpose of project management.
  • [PROMPT_INJECTION]: The skill interacts with GitHub issues and projects, which represents an indirect prompt injection surface. An agent using this skill might ingest untrusted data from issue titles or descriptions that could contain malicious instructions.
  • Ingestion points: Issue metadata and content retrieved via gh api and gh issue commands in SKILL.md.
  • Boundary markers: None defined; data is processed as raw text in the example templates.
  • Capability inventory: The skill uses gh issue create, gh api repos, and gh api graphql, which allow for creating, updating, and deleting content on GitHub.
  • Sanitization: No sanitization or verification of external data is present in the provided shell command examples.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 21, 2026, 11:56 AM