Skills
skills/plurigrid/asi/gh/Gen Agent Trust Hub

gh

Pass

Audited by Gen Agent Trust Hub on Feb 25, 2026

Risk Level: SAFECOMMAND_EXECUTIONCREDENTIALS_UNSAFEPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill documents numerous shell commands using the GitHub CLI (gh). These are used for administrative and development tasks on GitHub.
  • [CREDENTIALS_UNSAFE]: Includes the gh auth token command, which displays the active authentication token. This poses a potential risk of credential leakage if the agent's output is logged or shared.
  • [PROMPT_INJECTION]: Reading content from pull requests and issues creates an indirect prompt injection surface where malicious external data might influence agent behavior.
  • Ingestion points: Data enters via commands like gh pr list, gh issue list, and gh api.
  • Boundary markers: The skill does not define specific delimiters to wrap or isolate content retrieved from GitHub.
  • Capability inventory: The skill allows for repository creation, merging PRs, and running workflows via the gh tool.
  • Sanitization: No explicit sanitization of data retrieved from external GitHub sources is documented.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 25, 2026, 07:38 PM