pd-github
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTIONDATA_EXFILTRATION
Full Analysis
- [SAFE]: The skill implements standard GitHub API interactions for repository management and file operations through a proxy service.
- [COMMAND_EXECUTION]: The skill logic is executed using
npx tsx, which is a standard TypeScript execution environment for these tools. - [DATA_EXFILTRATION]: The skill can read file contents from GitHub repositories; this is a core intended functionality and not a security flaw.
- [PROMPT_INJECTION]: The skill has an indirect prompt injection surface as it processes untrusted data from GitHub repositories. Ingestion points: Repository file contents and issue/PR metadata in
pd-github.ts. Boundary markers: None present in output. Capability inventory: Write operations for files, issues, and PRs inpd-github.ts. Sanitization: No specific sanitization of external content is performed.
Audit Metadata