pd-github-file

Pass

Audited by Gen Agent Trust Hub on Mar 10, 2026

Risk Level: SAFE
Findings: PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill processes data from external GitHub repositories, creating a surface for indirect prompt injection.
      * Ingestion points: Content is retrieved from remote repositories via the resources/pd-github.ts script as documented in SKILL.md.
      * Boundary markers: No explicit instructions or delimiters are shown in the command usage to prevent the agent from following instructions found within the fetched files.
      * Capability inventory: The skill executes resources/pd-github.ts using npx tsx and has the capability to output file content to the agent context.
      * Sanitization: There is no visible mechanism in the provided skill structure to sanitize or validate the content of the files retrieved from GitHub before they are processed by the agent.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 10, 2026, 01:31 AM