git
Pass
Audited by Gen Agent Trust Hub on Mar 14, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill provides instructions for utilizing the GitHub CLI ('gh') to perform operations such as listing and viewing issues, viewing pull requests, and merging branches as part of the development workflow in 'SKILL.md'.
- [PROMPT_INJECTION]: The skill defines a surface for indirect prompt injection by instructing the agent to retrieve untrusted content from GitHub issues and pull request descriptions using 'gh issue view' and 'gh pr view' in 'SKILL.md'.
- Ingestion points: Untrusted content is retrieved from external GitHub issue and PR bodies.
- Boundary markers: The skill does not provide specific delimiters or instructions to ignore embedded commands within the ingested data.
- Capability inventory: The skill uses the GitHub CLI for repository management tasks.
- Sanitization: There is no mention of sanitization or validation of the externally retrieved text.
Audit Metadata