Skills
skills/jwynia/teach/github-agile/Gen Agent Trust Hub

github-agile

Pass

Audited by Gen Agent Trust Hub on Mar 29, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes gh (GitHub CLI) and git commands through Deno's Command API to perform repository operations, triage issues, and manage pull requests. This logic is implemented in scripts/gh-verify.ts, scripts/gh-audit.ts, scripts/gh-init-project.ts, and scripts/gh-sync-context.ts.
  • [EXTERNAL_DOWNLOADS]: The documentation provides guidance for installing the official GitHub CLI through standard platform package managers (Homebrew, apt, winget), as documented in the GH0 state intervention section of SKILL.md.
  • [PROMPT_INJECTION]: The skill ingests untrusted content from GitHub issues and pull requests to extract decision candidates and update project status files.
  • Ingestion points: Issue and PR bodies processed in scripts/gh-sync-context.ts and scripts/gh-audit.ts.
  • Boundary markers: Absent; the scripts do not use specific delimiters or warnings to isolate ingested content.
  • Capability inventory: Subprocess execution via gh and git, and local file system writes within the context/ and .github/ directories.
  • Sanitization: Absent; external content is parsed via regex or JSON without specific security validation. This represents a surface for indirect prompt injection, which is handled as a low-severity risk due to its necessity for the skill's primary diagnostic purpose.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 29, 2026, 09:45 AM