orchestrate-multi-repo-sdks
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- COMMAND_EXECUTION (LOW): Potential shell injection in the kick-off-generation.yaml and reconcile-prs.yaml workflows. The skill interpolates github.head_ref and github.event.pull_request.head.ref directly into shell commands within a run block. An attacker can execute arbitrary commands in the runner by creating a pull request from a branch name containing shell metacharacters.
- EXTERNAL_DOWNLOADS (LOW): The workflow relies on the speakeasy CLI tool and the actions/checkout action. These are external dependencies that are not pinned to specific hashes in the examples, though they are standard tools for this task.
- CREDENTIALS_UNSAFE (SAFE): The skill identifies and uses sensitive secrets like SDK_REPOS_PAT and SPEAKEASY_API_KEY. It correctly uses GitHub Secrets interpolation rather than hardcoding credentials.
Audit Metadata