Skills
skills/ry-run/run-skills/github-skill/Gen Agent Trust Hub

github-skill

Pass

Audited by Gen Agent Trust Hub on May 6, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection as it processes data from external, potentially untrusted GitHub sources.
  • Ingestion points: Tools such as get_file_contents, issue_read, and pull_request_read (referenced in SKILL.md) fetch content from remote repositories that could be modified by third parties.
  • Boundary markers: The instructions do not provide explicit delimiters or specific warnings for the agent to ignore instructions embedded within the data fetched from GitHub.
  • Capability inventory: The skill possesses high-impact write capabilities, including create_or_update_file, delete_file, and merge_pull_request.
  • Sanitization: There is no mention of sanitizing or validating the content retrieved from remote repositories before processing.
Audit Metadata
Risk Level
SAFE
Analyzed
May 6, 2026, 07:20 AM