Skills
skills/tylersahagun/pm-workspace/github-sync/Gen Agent Trust Hub

github-sync

Pass

Audited by Gen Agent Trust Hub on Mar 1, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes gh (GitHub CLI) commands to fetch repository data. This is an expected behavior for a synchronization tool and uses an official, well-known utility from a trusted organization.
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by processing untrusted data from external sources.
  • Ingestion points: Data is pulled from GitHub PR titles, descriptions (bodies), and branch names via gh pr list and gh pr view.
  • Boundary markers: No explicit delimiters or instructions to ignore embedded commands within the processed PR content are defined.
  • Capability inventory: The agent can execute local gh CLI commands and has write access to the pm-workspace-docs/ directory to update metadata and reports.
  • Sanitization: There is no evidence of sanitization or escaping of the PR body text before it is interpolated into summaries or used for metadata updates.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 1, 2026, 05:31 PM