github-actions

Pass

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: LOW
NO_CODE
Full Analysis
  • [NO_CODE] (SAFE): The skill (SKILL.md) contains only documentation and template examples. No executable scripts (Python, Node.js, Shell) are present, which eliminates the risk of direct execution of malicious logic.
  • [DATA_EXPOSURE] (SAFE): The templates use standard GitHub secret syntax. No hardcoded credentials or sensitive file paths are present.
  • [INDIRECT_PROMPT_INJECTION] (LOW): The skill (SKILL.md) documents triggers for external data.
      1. Ingestion: GitHub event context (PRs/inputs).
      2. Boundaries: Absent.
      3. Capabilities: Workflow runner shell execution ('run' steps).
      4. Sanitization: Not in examples, but warned against in 'Best Practices' section.
Audit Metadata
  • Risk Level: LOW
  • Analyzed: Feb 16, 2026, 06:41 AM