github-action
Pass
Audited by Gen Agent Trust Hub on Feb 21, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION] (SAFE): No prompt injection or behavior override patterns were detected. The skill uses standard instruction-based keyword matching to serve relevant resources.
- [CREDENTIALS_UNSAFE] (SAFE): No hardcoded credentials. The skill explicitly recommends using GitHub Secrets, OIDC, and short-lived tokens instead of long-lived credentials.
- [REMOTE_CODE_EXECUTION] (SAFE): While the skill suggests the use of third-party GitHub Actions, it mandates the use of full commit SHAs (SHA pinning) to prevent supply chain attacks, which is a high-standard security practice.
- [DATA_EXFILTRATION] (SAFE): No malicious network operations or attempts to exfiltrate sensitive files were found. Network operations mentioned (like npm publish or OIDC auth) are standard CI/CD procedures.
- [INDIRECT_PROMPT_INJECTION] (SAFE): The skill demonstrates high awareness of indirect injection through untrusted GitHub event data. It provides specific remediation patterns (using environment variables instead of direct expression interpolation) to mitigate these risks.
- [EXTERNAL_DOWNLOADS] (SAFE): All suggested downloads/actions are from well-known providers (Google, AWS, Azure, GitHub Actions) and are accompanied by security warnings regarding their use.