github-cli

Pass

Audited by Gen Agent Trust Hub on Mar 17, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: Executes gh CLI commands to manage GitHub repositories, issues, and pull requests. The skill implements a robust risk-classification system (Safe, Write, Destructive, Forbidden) to prevent accidental or unauthorized execution of high-impact commands.
  • [EXTERNAL_DOWNLOADS]: Facilitates cloning repositories and downloading workflow artifacts from GitHub's official infrastructure. These operations are core to the skill's purpose and target a well-known, trusted service.
  • [PROMPT_INJECTION]: Ingests potentially untrusted data from GitHub (PR bodies, issue comments, and workflow logs) via commands like gh pr view and gh run view --log. This presents an indirect prompt injection surface.
    • Ingestion points: gh pr view, gh issue view, gh run view --log in SKILL.md and references/safety-rules.md.
    • Boundary markers: Absent.
    • Capability inventory: Full repository management via gh including code modification, secret management, and repository deletion.
    • Sanitization: Absent.
    • Risk Assessment: This surface is mitigated by the skill's mandatory safety protocols requiring human confirmation for all non-read operations.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 17, 2026, 05:42 PM