pin-github-actions
Pass
Audited by Gen Agent Trust Hub on Apr 5, 2026
Risk Level: SAFE, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill proactively addresses potential indirect prompt injection risks by explicitly instructing the agent to only extract structured data from the GitHub API using `--jq` selectors. It directs the agent to ignore and never act upon free-text fields such as release notes or descriptions, and requires validation of tag names and commit SHAs against strict regular expression patterns before use.
- [EXTERNAL_DOWNLOADS]: Fetches version and SHA metadata from the GitHub API, a well-known service. The process involves targeted API calls to retrieve specific repository identifiers, avoiding the download of executable content or script blobs.
- [COMMAND_EXECUTION]: Uses standard command-line tools like `find` and `gh` (GitHub CLI) to identify workflow files and resolve metadata. These operations are conducted within the local repository scope and require user confirmation before any modifications are applied to files.
- [SAFE]: The skill follows robust security practices for repository management. It includes a multi-step verification process, flags major version upgrades for user review, and merges configuration with existing `dependabot.yml` files instead of overwriting them.
Audit Metadata