Skills
skills/ruvnet/claude-flow/agent-github-modes/Gen Agent Trust Hub

agent-github-modes

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
  • Prompt Injection (LOW): Detected indirect prompt injection surface (Category 8). \n
  • Ingestion points: The skill ingests untrusted data from external sources using gh pr view, gh issue list, and the Read tool (File: SKILL.md).\n
  • Boundary markers: There are no explicit delimiters or instructions provided to the agent to distinguish between internal instructions and external data content.\n
  • Capability inventory: The skill possesses the Bash tool, Write capability, and agent spawning tools, creating a path for malicious instructions in PRs or issues to be executed (File: SKILL.md).\n
  • Sanitization: No mechanisms for sanitizing or filtering external GitHub content are implemented.\n- Command Execution (SAFE): The skill utilizes the Bash tool to perform repository operations such as git and gh CLI commands. This is consistent with the primary purpose of managing GitHub workflows.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 17, 2026, 06:12 PM