project-status-sync

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE] (SAFE): The skill performs its stated function of synchronizing GitHub project metadata without any hidden or malicious behaviors.
  • [COMMAND_EXECUTION] (SAFE): Uses standard tools like gh (GitHub CLI) and jq for processing structured data. These commands are executed locally within the context of the user's authenticated session and serve the primary purpose of the skill.
  • [DATA_EXPOSURE] (SAFE): Accesses only project-related metadata via the GitHub API. No evidence of hardcoded credentials, sensitive file access (e.g., SSH keys), or data exfiltration to external domains was found.
  • [INDIRECT_PROMPT_INJECTION] (SAFE): While the skill interacts with external data (GitHub project items), it primarily handles structured data and IDs. The risk of indirect injection via project field names is negligible in this implementation.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 17, 2026, 06:12 PM