github-actions
Pass
Audited by Gen Agent Trust Hub on Mar 17, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADS
Full Analysis
- [SAFE]: The skill serves as a documentation and template resource for GitHub Actions. It explicitly includes security best practices such as pinning versions of actions and using the least-privilege principle for permissions (e.g.,
contents: read).- [EXTERNAL_DOWNLOADS]: The skill references standard GitHub-provided actions (e.g.,actions/checkout,actions/setup-node,actions/setup-python) and well-known community actions (e.g.,softprops/action-gh-release). These are recognized as legitimate and trusted resources within the GitHub ecosystem.
Audit Metadata