gh
Pass
Audited by Gen Agent Trust Hub on Apr 8, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns or security vulnerabilities were detected in the skill files. The skill focuses on providing legitimate instructions and reference material for the GitHub CLI (gh).
- [PROMPT_INJECTION]: Indirect Prompt Injection attack surface identified, assessed as safe given the skill's primary purpose.
- Ingestion points: The skill reads untrusted data from GitHub pull requests, issues, and comments via commands like
gh pr viewandgh issue list(documented inSKILL.mdandreferences/gh.md). - Boundary markers: None specified; the agent is not explicitly instructed to use delimiters when processing external content.
- Capability inventory: The skill uses the
ghtool to perform repository mutations, API calls, and local branch management across its core scripts and reference files. - Sanitization: The skill does not provide instructions for sanitizing or validating data fetched from GitHub before the agent processes it.
Audit Metadata