Skills
skills/jackchuka/ghpm/ghpm-status/Gen Agent Trust Hub

ghpm-status

Pass

Audited by Gen Agent Trust Hub on Mar 12, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill is granted Bash(gh:*) capabilities, allowing it to execute any GitHub CLI command. Although the skill description states it is read-only, the broad permission grant allows for a wide range of interactions with the GitHub API.\n- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface as it aggregates and processes untrusted data from GitHub project items (such as titles, field values, and custom field options).\n
  • Ingestion points: Processes data from .ghpm/config.json and cached items from GitHub projects (file: SKILL.md).\n
  • Boundary markers: There are no explicit instructions to use delimiters or ignore embedded instructions when interpolating project item content into the dashboard output.\n
  • Capability inventory: The skill has access to Bash(gh:*) for GitHub API interaction, Read for file access, and Grep for searching (file: SKILL.md).\n
  • Sanitization: The skill does not define any sanitization or validation logic for the content fetched from the GitHub project before it is displayed or processed.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 12, 2026, 05:19 PM