share-pretty-gist
Pass
Audited by Gen Agent Trust Hub on Mar 7, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes shell commands using the GitHub CLI (gh) to create and edit gists based on content and metadata inferred from the conversation context.
- [EXTERNAL_DOWNLOADS]: The skill uses the curl utility to perform network requests to gists.sh for cache warming and content refresh operations.
- [DATA_EXFILTRATION]: The skill's primary function is to upload data to an external service (GitHub). It mitigates risk by defaulting to secret gists and requiring explicit user instructions for public sharing.
- [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface by processing and sharing untrusted content. * Ingestion points: Text, code, and filenames are derived from user requests or conversation context. * Boundary markers: No delimiters or isolation instructions are present to prevent the agent from obeying instructions embedded in shared content. * Capability inventory: Subprocess execution via gh CLI and network access via curl. * Sanitization: No sanitization or validation of the content is performed before gist creation.
Audit Metadata