Skills
skills/artivilla/agents-config/github/Gen Agent Trust Hub

github

Pass

Audited by Gen Agent Trust Hub on Mar 28, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the gh CLI for repository operations. In CREATE_ISSUE.md, it also performs dynamic context injection by executing a shell command (node -p) to retrieve system temporary directory paths and timestamps for file management.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests and displays content from external GitHub issues and comments which may contain malicious instructions.
  • Ingestion points: Data is read from the GitHub API via gh issue view and gh issue list as documented in VIEW_ISSUE.md and LIST_ISSUES.md.
  • Boundary markers: There are no explicit delimiters or instructions provided to the agent to treat the fetched content as untrusted or to ignore embedded instructions.
  • Capability inventory: The skill possesses the ability to write to the local filesystem (Write tool) and modify remote repository states (creating, editing, and closing issues).
  • Sanitization: No sanitization or validation logic is defined to inspect or clean the retrieved issue content before it enters the agent's context.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 28, 2026, 02:15 AM