Skills
skills/ruvnet/agentic-flow/github-project-management/Gen Agent Trust Hub

github-project-management

Pass

Audited by Gen Agent Trust Hub on Mar 3, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: Downloads and executes the claude-flow and ruv-swarm packages using npx. These tools are provided by the vendor and are used for swarm coordination (SKILL.md).
  • [COMMAND_EXECUTION]: Utilizes the GitHub CLI (gh) and shell scripts to automate project board synchronization, issue triage, and sprint management (SKILL.md).
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection by processing external content from GitHub issues and comments.
  • Ingestion points: GitHub issue bodies and comments accessed via gh issue view and gh issue list (SKILL.md).
  • Boundary markers: No explicit delimiters or instructions to ignore embedded commands are present when interpolating issue data into prompts or passing it to swarm agents.
  • Capability inventory: Subprocess calls to gh, npx, and shell utilities, plus file write capabilities via the Write and TodoWrite tools (SKILL.md).
  • Sanitization: No sanitization or escaping of the ingested issue data is demonstrated before it is used for task decomposition or state transitions.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 3, 2026, 05:44 AM