github-conversation
Pass
Audited by Gen Agent Trust Hub on Apr 14, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: The skill contains a defensive security section that explicitly instructs the agent to identify and ignore potential prompt injection attempts (such as 'ignore previous instructions') embedded in third-party GitHub comments or descriptions.
- [EXTERNAL_DOWNLOADS]: The skill provides instructions for installing 'gh-llm', which is a specialized tool and GitHub CLI extension developed by the skill author (ShigureLab) to facilitate GitHub interactions.
- [COMMAND_EXECUTION]: The skill utilizes the standard GitHub CLI ('gh') and the 'gh-llm' tool to perform its tasks. All command examples are restricted to the intended scope of reading and managing GitHub repository metadata and conversations.
- [DATA_EXFILTRATION]: The skill interacts solely with the GitHub API for its documented purpose. It includes specific warnings to prevent the accidental posting of secrets or credentials found in third-party content.
Audit Metadata