ghx
Pass
Audited by Gen Agent Trust Hub on Apr 19, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill provides documentation and best practices for interacting with the GitHub CLI. It does not contain any executable scripts or entrypoints.
- [INDIRECT_PROMPT_INJECTION]: The skill documents how to ingest data from external sources (GitHub issues and pull requests). It explicitly recommends using structured files (
--body-file) andjqto handle this data safely, which is a best practice to mitigate potential command injection during data processing.
Audit Metadata