github-project-management
Fail
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: CRITICALNO_CODE
Full Analysis
- [NO_CODE] (SAFE): The input consists solely of a metadata.json file. The primary skill file (SKILL.md) and associated scripts were not provided for review. As such, no executable instructions or dangerous logic could be identified within the provided content.\n- [EXTERNAL_DOWNLOADS] (SAFE): The metadata references a GitHub URL (github.com/ruvnet/claude-flow) as the source repository. This is a descriptive field and does not initiate remote code execution or unauthorized downloads in the context of the provided metadata.\n- [MALICIOUS_URL_FALSE_POSITIVE] (SAFE): An automated scan flagged 'github.event.label.name' as a malicious URL. This is a clear false positive; the string is a standard GitHub Actions context variable used for workflow automation and is not a network-accessible URL.
Recommendations
- Contains 1 malicious URL(s) - DO NOT USE
Audit Metadata