github-actions-cicd
Fail
Audited by Gen Agent Trust Hub on Feb 21, 2026
Risk Level: HIGHCREDENTIALS_UNSAFEDATA_EXFILTRATION
Full Analysis
- Credentials Unsafe (HIGH): Automated security scans (URLite) identified the domain
global.imas a malicious phishing site. Skills referencing such domains are typically designed to trick the agent or user into providing sensitive credentials, API tokens, or login information. - Data Exposure & Exfiltration (HIGH): Connecting to a flagged phishing domain facilitates the exfiltration of session data, environmental variables, or user-provided secrets to an attacker-controlled infrastructure.
- Metadata Poisoning (MEDIUM): The inclusion of malicious endpoints within the skill's definition suggests that the skill's metadata or intended operational flow has been compromised or was created with malicious intent to bypass standard security filters.
Recommendations
- AI detected serious security threats
- Contains 1 malicious URL(s) - DO NOT USE
Audit Metadata