Skills
skills/openai/skills/gh-fix-ci/Gen Agent Trust Hub

gh-fix-ci

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTIONNO_CODE
Full Analysis
  • [COMMAND_EXECUTION] (LOW): The skill executes the GitHub CLI (gh) and a local script (inspect_pr_checks.py). While necessary for the skill's function, executing local code requires user trust in the script's contents.
  • [PROMPT_INJECTION] (LOW): The skill is susceptible to Indirect Prompt Injection (Category 8). 1. Ingestion points: GitHub Actions logs are ingested via gh run view --log. 2. Boundary markers: No explicit delimiters or instructions are used to distinguish log content from agent instructions. 3. Capability inventory: The agent has the capacity to modify the repository and execute local tests. 4. Sanitization: No sanitization is performed on the ingested logs before they are used to generate plans.
  • [NO_CODE] (LOW): The bundled script scripts/inspect_pr_checks.py mentioned in the documentation is missing from the provided files, preventing a thorough security review of its execution logic.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 17, 2026, 04:47 PM