agentic-actions-auditor

Pass

Audited by Gen Agent Trust Hub on Apr 19, 2026

Risk Level: SAFE
Full Analysis
  • [INDIRECT_PROMPT_INJECTION]: The skill is designed to ingest and analyze untrusted GitHub Actions workflow files. It explicitly mitigates the risk of instructions within those files influencing the agent by providing 'Bash Safety Rules' in Step 0, which strictly forbid piping fetched content to interpreters or using it in shell substitutions.
  • [EXTERNAL_DOWNLOADS]: The skill uses the GitHub CLI to fetch workflow configurations from the official GitHub API. This is a core functionality for the intended security auditing purpose and targets a well-known, trusted service without accessing sensitive local credentials.
  • [COMMAND_EXECUTION]: All shell commands involving the GitHub CLI are used for read-only data fetching. The instructions include explicit warnings against executing the results of these commands, protecting against potential command injection from remote repository names or file contents.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 19, 2026, 05:03 AM