github
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill utilizes the official GitHub CLI ('gh'), which is a trusted and well-known tool from GitHub.
- [EXTERNAL_DOWNLOADS]: The skill recommends installing the 'gh' CLI using trusted system package managers like Homebrew and APT, which fetch software from verified official repositories.
- [COMMAND_EXECUTION]: The skill's core functionality involves executing 'gh' commands to interact with repository data. This is the intended purpose and does not involve unauthorized privilege escalation or persistence.
- [PROMPT_INJECTION]: The skill processes external data from GitHub (issues, pull requests, and workflow logs), which constitutes an indirect prompt injection surface.
- Ingestion points: Data retrieved via 'gh issue', 'gh pr', 'gh run', and 'gh api' subcommands.
- Boundary markers: No explicit delimiters or instructions to ignore embedded commands are specified in the provided command templates.
- Capability inventory: The skill performs subprocess execution of the GitHub CLI to interact with the GitHub service.
- Sanitization: No explicit sanitization or filtering logic for the retrieved GitHub content is defined in the skill documentation.
Audit Metadata