exa-ci-integration
Pass
Audited by Gen Agent Trust Hub on Feb 18, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADS
Full Analysis
- [EXTERNAL_DOWNLOADS] (SAFE): The skill references official GitHub Actions (
actions/checkout@v4andactions/setup-node@v4). According to the [TRUST-SCOPE-RULE], downloads from the 'actions' GitHub organization are considered low risk and do not negatively impact the verdict. - [COMMAND_EXECUTION] (SAFE): The skill includes instructions for using the GitHub CLI (
gh) to manage repository secrets. This is the correct and secure method for handling authentication tokens in CI/CD environments. - [DATA_EXPOSURE & EXFILTRATION] (SAFE): No hardcoded credentials were found. The skill uses descriptive placeholders like 'sk_test_***' and instructs users to store actual keys in protected environment variables.
- [SAFE] (SAFE): Indirect Prompt Injection analysis: The skill facilitates creation of automation workflows which represent a data ingestion surface for CI runners. However, the templates are standard and encourage the use of secure environment variables.
- Ingestion points: Workflow configuration file
.github/workflows/exa-integration.yml. - Boundary markers: Standard YAML syntax.
- Capability inventory: Write, Edit, and Bash (via
ghCLI) tools allowed for setup. - Sanitization: Relies on GitHub's internal secret masking and standard environment variable injection.
Audit Metadata