finops-workflows

Pass

Audited by Gen Agent Trust Hub on Mar 9, 2026

Risk Level: SAFE
COMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes local shell scripts (workflow-runs.sh and workflow-runs-org.sh) that wrap gh (GitHub CLI) commands. These scripts use set -euo pipefail for safer execution and properly handle arguments.
  • [DATA_EXPOSURE]: The skill accesses GitHub workflow run metadata (durations, success rates, triggers) via the GitHub API. This data is processed locally to generate reports and is not transmitted to external third-party domains.
  • [INDIRECT_PROMPT_INJECTION]: The skill ingests untrusted data from GitHub API responses, such as repository names, workflow names, and run conclusions. While these are rendered as text, a malicious actor could theoretically name a workflow with instructions intended to influence the agent's 'Post-actions' reasoning.
      • Ingestion points: gh api responses in workflow-runs.sh and workflow-runs-org.sh.
      • Boundary markers: None used; data is interpolated directly into the output stream.
      • Capability inventory: The skill has Bash and TodoWrite capabilities listed in SKILL.md.
      • Sanitization: The scripts use jq for parsing, which provides some structure, but the resulting strings are not sanitized for secondary injection.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 9, 2026, 08:11 PM