gist-management

Pass

Audited by Gen Agent Trust Hub on Mar 5, 2026

Risk Level: SAFE, NO_CODE, PROMPT_INJECTION
Full Analysis
  • [NO_CODE]: The skill provides a markdown-based interface and tool definitions for interacting with an external GitHub MCP server. No scripts (Python, JavaScript, or Shell) are included in the skill definition.
  • [SAFE]: The requirement for a GITHUB_TOKEN is a legitimate configuration step for the intended functionality (accessing the GitHub Gists API) and does not involve hardcoded credentials.
  • [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface through the ingestion of external data.
      • Ingestion points: File contents retrieved from GitHub via the gist_get tool.
      • Boundary markers: None specified; instructions do not advise the agent to ignore commands found within gist files.
      • Capability inventory: The skill can create, update, and delete gists (write/delete access).
      • Sanitization: No sanitization or validation of the external content is performed before it enters the agent's context.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 5, 2026, 10:39 PM