repo-config
Pass
Audited by Gen Agent Trust Hub on Mar 18, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns or security risks were detected. The skill's operations align with its stated purpose of managing GitHub repository configurations.
- [COMMAND_EXECUTION]: The skill utilizes the 'gh-manager' CLI for reading and writing configuration files. These commands are used to implement the core functionality of the skill and are executed with parameters provided by the user or derived from repository metadata.
- [INDIRECT_PROMPT_INJECTION]: The skill defines a surface for processing external data from repository-hosted configuration files.
- Ingestion points: Reads '.github-repo-manager.yml' files from repository roots (SKILL.md).
- Boundary markers: None explicitly defined in the instructions for separating untrusted config data from system instructions.
- Capability inventory: Uses 'gh-manager' for configuration resolution and automated pull request creation.
- Sanitization: Implements validation against 'config/schema.yml', includes type coercion for ambiguous values, and provides error reporting to users when configuration anomalies are detected.
Audit Metadata