Skills
skills/sethcarney/custom-plugins/gh-project-scope/Gen Agent Trust Hub

gh-project-scope

Pass

Audited by Gen Agent Trust Hub on Mar 3, 2026

Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill makes extensive use of the gh (GitHub CLI) tool via Bash to manage repository resources. It performs actions like gh api calls, creating labels, and creating or editing issues.
  • [COMMAND_EXECUTION]: In Step 7, the skill retrieves an existing issue's body using gh issue view and interpolates that output directly into a shell command line to edit the issue. If an issue body contains malicious shell sequences (e.g., backticks or subshell expansions), it could lead to command injection when the agent executes the edit command. This constitutes a vulnerability to indirect input poisoning.
  • Ingestion points: Step 7 reads existing issue bodies from GitHub via gh issue view.
  • Boundary markers: None; the output is interpolated directly into a double-quoted string in a shell command.
  • Capability inventory: Full access to the Bash tool and gh CLI.
  • Sanitization: None performed on the retrieved data before shell interpolation.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 3, 2026, 03:02 PM