cicd-generation

Pass

Audited by Gen Agent Trust Hub on Apr 5, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill includes utility scripts (scripts/pin-action-versions.sh, scripts/validate-workflow.sh) that use the GitHub CLI (gh) and actionlint to perform administrative CI/CD tasks, such as resolving action version SHAs and validating YAML syntax.
  • [PROMPT_INJECTION]: The skill analyzes repository structure and metadata to determine the appropriate CI/CD pipeline configuration. This constitutes an indirect prompt injection surface.
      • Ingestion points: Repository files (e.g., package manager files, test configs) analyzed in Step 1 of SKILL.md.
      • Boundary markers: The skill defines strict input sanitization rules but does not specify delimiters for analyzed content.
      • Capability inventory: The skill generates YAML content and recommends shell commands for local validation.
      • Sanitization: SKILL.md explicitly requires sanitization of workflow names, action references, and secret names using alphanumeric filters to prevent injection.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 5, 2026, 12:44 AM