Skills
skills/janwilmake/uithub/uithub-fetcher/Gen Agent Trust Hub

uithub-fetcher

Pass

Audited by Gen Agent Trust Hub on Mar 5, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTIONEXTERNAL_DOWNLOADSCREDENTIALS_UNSAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes the uithub CLI using parameters like repository names and search patterns derived from user-provided URLs. This presents a potential command injection risk if input is not properly handled by the agent context.
  • [PROMPT_INJECTION]: The skill allows for indirect prompt injection through the ingestion of external repository data.
  • Ingestion points: Repository code, issues, and pull request data are retrieved via the uithub command as described in SKILL.md.
  • Boundary markers: There are no defined delimiters to separate external content from internal instructions.
  • Capability inventory: The agent can execute CLI tools and perform repository searches.
  • Sanitization: No content sanitization or filtering is implemented for the fetched GitHub data.
  • [EXTERNAL_DOWNLOADS]: The skill requires the uithub CLI and directs users to install it via a local path reference.
  • [CREDENTIALS_UNSAFE]: The tool stores sensitive GitHub OAuth tokens in a local file at ~/.uithub/token.json.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 5, 2026, 01:05 PM