executing-github-task
Pass
Audited by Gen Agent Trust Hub on Apr 17, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill executes shell commands for Git operations, GitHub CLI interactions, and project-specific test runners. These operations are essential for the development lifecycle and are executed within the context of approved task plans.
- [DATA_EXFILTRATION]: The skill uses the
ghtool to communicate with GitHub issues. This communication is limited to status updates, labels, and comments, which are functional requirements for task orchestration and do not involve unauthorized exfiltration of sensitive data. - [SAFE]: The orchestrator implements a secure-by-design pipeline with multiple review gates. Specifically, the inclusion of a dedicated
security-auditorsubagent to inspect code for hardcoded secrets and unsafe input handling reflects a high standard of security practice for automated coding tools.
Audit Metadata