gh-unlink-subissue
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns or security vulnerabilities were detected. The skill's behavior is transparent and aligns perfectly with its stated purpose of managing GitHub sub-issues.
- [COMMAND_EXECUTION]: The skill executes the GitHub CLI (
gh) to perform GraphQL mutations. These operations are limited to unlinking issues and do not involve unauthorized system modifications or privilege escalation. - [PROMPT_INJECTION]: The skill has an ingestion surface for user input (GitHub issue URLs and numbers). However, it mitigates injection risks by using the
-fand-Fflags in thegh apicommand, which ensures that user-provided data is treated as literal values for GraphQL variables rather than being interpreted by the shell.
Audit Metadata