copilot-sdk
Pass
Audited by Gen Agent Trust Hub on Mar 23, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the user to download the official GitHub Copilot SDK from trusted public registries including npm, PyPI, and GitHub's own package repositories.
- [COMMAND_EXECUTION]: The documentation includes standard command-line instructions for environment setup, package installation, and execution of local SDK samples across various runtimes.
- [SAFE]: No obfuscation, data exfiltration, or malicious injection patterns were found. The skill correctly utilizes official GitHub APIs and secure JSON-RPC communication for interaction with the Copilot CLI.
Audit Metadata