skills/bntvllnt/agent-skills/github/Gen Agent Trust Hub

github

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION, EXTERNAL_DOWNLOADS
Full Analysis
  • COMMAND_EXECUTION (SAFE): The skill utilizes the official GitHub CLI to manage developer workflows. It implements a robust confirmation policy for all mutation operations (e.g., merging PRs, deleting releases, setting secrets), aligning with security best practices for agentic tools.
  • PROMPT_INJECTION (LOW): The skill is susceptible to indirect prompt injection because it ingests untrusted data from GitHub (such as PR titles, comments, and CI logs), which could contain malicious instructions designed to manipulate the agent's behavior.
      • Ingestion points: gh pr view, gh run view --log-failed, gh pr list, git log, and git diff.
      • Boundary markers: None detected; the skill does not wrap external data in delimiters or instruct the agent to ignore embedded commands.
      • Capability inventory: High-impact capabilities include gh pr merge, gh secret set, gh repo delete, and gh run rerun.
      • Sanitization: No explicit sanitization or validation of the fetched content is performed before processing.
  • EXTERNAL_DOWNLOADS (LOW): The skill enables the installation of third-party GitHub CLI extensions via gh extension install and the downloading of build artifacts via gh run download. While these are standard features of the GitHub CLI, they allow for the introduction of untrusted executable code into the environment.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Feb 17, 2026, 06:07 PM