gh-aw-safe-outputs
Pass
Audited by Gen Agent Trust Hub on Mar 4, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: No malicious injection patterns or safety bypass attempts were detected. The usage patterns provided are standard instructional examples for the intended purpose of the skill.
- [DATA_EXFILTRATION]: No sensitive file access or unauthorized network operations were found. References to secrets and sensitive paths are used only within the context of security testing examples (e.g., demonstrating how the system blocks path traversal or secret leaks).
- [EXTERNAL_DOWNLOADS]: All external references point to official documentation on github.com and github.github.com, which are well-known and trusted services. No remote scripts or binary downloads are present.
- [INDIRECT_PROMPT_INJECTION]: The skill documents an architecture for handling untrusted data (e.g., issue content) and explicitly mandates multi-layer sanitization (XSS filtering, path validation, secret scanning) to mitigate injection risks. The attack surface is identified and addressed according to security best practices.
Audit Metadata