Skills
skills/ceedaragents/cyrus/cyrus-setup-github/Gen Agent Trust Hub

cyrus-setup-github

Pass

Audited by Gen Agent Trust Hub on Mar 22, 2026

Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection through user-provided identity values.
  • Ingestion points: User-supplied name and email values requested in Step 3.
  • Boundary markers: No delimiters or sanitization instructions are used when interpolating these values into shell commands.
  • Capability inventory: The skill uses the Bash tool to execute commands on the system.
  • Sanitization: There is no requirement for the agent to validate or escape the user input before using it in git config commands.
  • [COMMAND_EXECUTION]: The skill performs shell command execution to configure the local development environment.
  • Evidence: Executes gh auth login, gh auth status, and git config --global to manage authentication and user identity.
  • [SAFE]: The skill implements a security best practice by explicitly instructing the agent not to use file-reading tools on sensitive environment files in ~/.cyrus/, reducing the risk of accidental credential exposure in the conversation history.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 22, 2026, 06:23 AM