gh-cli
Pass
Audited by Gen Agent Trust Hub on Feb 26, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill provides examples for running the 'gh' CLI tool to perform various repository management tasks.
- [EXTERNAL_DOWNLOADS]: It references the 'gh' CLI utility, which is a well-known service from GitHub.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection due to its interaction with untrusted external content.
- Ingestion points: The agent pulls data from external sources using commands like 'gh pr view', 'gh issue view', and 'gh run view --log'.
- Boundary markers: No delimiters or safety instructions are defined to help the agent distinguish between data and instructions in the fetched content.
- Capability inventory: The skill provides capabilities for significant actions, such as merging pull requests, creating issues, and managing workflows.
- Sanitization: There is no indication that data fetched from GitHub is sanitized or validated before being processed by the agent.
Audit Metadata