github-actions-creator
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADS
Full Analysis
- EXTERNAL_DOWNLOADS (LOW): The skill recommends several third-party GitHub Actions for various tasks (deployment, security scanning, notifications). While many are from trusted organizations (e.g., actions/, google-github-actions/, aws-actions/), others are from community maintainers (e.g., dtolnay/rust-toolchain, softprops/action-gh-release, amondnet/vercel-action). This is standard for GitHub Actions creation skills.
- PROMPT_INJECTION (SAFE): No patterns were detected that attempt to override the AI's safety protocols or reveal internal instructions.
- DATA_EXFILTRATION (SAFE): The skill provides instructions on using secrets safely and explicitly warns against echoing secrets in logs.
- COMMAND_EXECUTION (SAFE): The skill provides templates for executing commands within workflows but includes a specific 'Security Best Practices' section that mandates passing event data through environment variables to prevent command/script injection vulnerabilities.
- INDIRECT_PROMPT_INJECTION (LOW): The skill ingests data from project files (e.g., package.json, requirements.txt) to determine the tech stack. While this is an attack surface, the skill includes sanitization logic and strict output rules that mitigate the risk of malicious file content influencing the resulting workflow execution.
Audit Metadata