github-repo-search

Pass

Audited by Gen Agent Trust Hub on May 7, 2026

Risk Level: SAFE | COMMAND_EXECUTION | PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructs the agent to execute shell commands using the gh CLI and curl by incorporating user-provided parameters such as repository names, search queries, and file paths. The lack of explicit instructions to sanitize or validate these inputs before execution creates a potential for command injection if a user provides crafted strings.
  • [PROMPT_INJECTION]: The skill ingests and displays content from remote repositories, which introduces a risk of indirect prompt injection. Malicious instructions embedded in the external files could influence the agent's behavior during the reading and summary phases.
    • Ingestion points: External repository content and metadata fetched via gh api and curl.
    • Boundary markers: None; external content is processed and presented to the agent without delimiters or safety warnings.
    • Capability inventory: Shell command execution (gh, curl, base64) and network connectivity.
    • Sanitization: None; the skill performs direct decoding and display of remote file content.
Audit Metadata
Risk Level: SAFE
Analyzed: May 7, 2026, 09:26 AM