Skills
skills/letta-ai/lettabot/github/Gen Agent Trust Hub

github

Pass

Audited by Gen Agent Trust Hub on Mar 11, 2026

Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes the gh binary to facilitate repository management and interaction.
  • [EXTERNAL_DOWNLOADS]: The skill metadata references the installation of the GitHub CLI through trusted package managers like Homebrew and APT.
  • [PROMPT_INJECTION]: The skill processes untrusted data from GitHub (CI logs and API data), which may contain malicious instructions. 1. Ingestion points: gh run view and gh api commands in SKILL.md. 2. Boundary markers: No markers are used to separate external data from system instructions. 3. Capability inventory: Execution of gh CLI commands in SKILL.md. 4. Sanitization: No sanitization or filtering of the GitHub command output is implemented.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 11, 2026, 11:40 PM