github-actions-reference
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOW (PROMPT_INJECTION)
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill reads from 'docs/claude-reference/github-actions.md'. Ingesting external or repository content provides a surface for indirect prompt injection where embedded instructions could attempt to influence agent behavior.
  - Ingestion points: docs/claude-reference/github-actions.md via the Read tool.
  - Boundary markers: Absent; the skill does not wrap the content in delimiters or instructions to ignore embedded commands.
  - Capability inventory: Limited to file reading and text generation; no subprocess execution, network access, or file-write capabilities are defined.
  - Sanitization: None specified for the ingested documentation content.
Audit Metadata