migrate-from-gha

Pass

Audited by Gen Agent Trust Hub on Feb 19, 2026

Risk Level: SAFE
PROMPT_INJECTION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
  • Prompt Injection (LOW): Indirect Prompt Injection Surface. The skill reads untrusted GitHub Actions workflow files provided via the $ARGUMENTS parameter.
      • Ingestion points: Workflow YAML files (e.g., .github/workflows/ci.yml).
      • Boundary markers: Absent. The instructions do not specify the use of delimiters or 'ignore' instructions when processing the external file content.
      • Capability inventory: The skill can write files to the .rwx/ directory and execute bash commands via the rwx CLI (docs pull, lint, run).
      • Sanitization: Absent. The agent analyzes and translates the logic directly into a new configuration file.
  • Command Execution (SAFE): The skill invokes the rwx CLI for documentation, search, and linting. These are standard operations and do not involve executing untrusted input directly in the shell environment.
  • External Downloads (LOW): The rwx docs pull command retrieves documentation from the RWX platform. While this involves network activity, it is a restricted and intended behavior for the migration process.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 19, 2026, 01:44 AM