Skills
skills/bmad-labs/skills/github-sync/Gen Agent Trust Hub

github-sync

Pass

Audited by Gen Agent Trust Hub on Apr 2, 2026

Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [PROMPT_INJECTION]: The pull workflow represents an indirect prompt injection surface because it ingests data from GitHub issue bodies and project fields that could be controlled by untrusted third parties.
  • Ingestion points: Fetches GitHub issue details and project v2 field values via GraphQL and REST API queries as described in the pull workflow.
  • Boundary markers: The skill lacks explicit delimiters or instructions to ignore embedded directives in content pulled from GitHub.
  • Capability inventory: The agent can execute system commands through the gh CLI and perform file write operations on project files.
  • Sanitization: No automated sanitization or escaping is applied to content retrieved from GitHub before it is integrated into local markdown files.
  • [COMMAND_EXECUTION]: The skill utilizes the GitHub CLI (gh) for project management tasks and runs a local Python script (parse-artifacts.py) to process project metadata.
  • [EXTERNAL_DOWNLOADS]: Interacts with GitHub APIs for data synchronization purposes, which is a standard and expected behavior for this skill's functionality.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 2, 2026, 08:15 PM