github-cleanup
Pass
Audited by Gen Agent Trust Hub on Feb 21, 2026
Risk Level: SAFE, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION] (SAFE): The skill utilizes the `gh` CLI for all GitHub interactions. Destructive operations like repository and secret deletion are documented with clear safety requirements for user approval and verification steps.
- [PROMPT_INJECTION] (LOW): The skill processes untrusted data from GitHub (repository names, workflow contents). This presents an indirect prompt injection surface where a malicious repository could contain instructions. However, the skill implements strong boundary markers by separating the discovery phase from execution and requiring human verification of findings via `AskUserQuestion`.
- [DATA_EXFILTRATION] (SAFE): The skill reads GitHub metadata to perform its audit but does not access or exfiltrate sensitive local files (like SSH keys) or hardcoded credentials to third-party domains.
Audit Metadata