github-trending

Pass

Audited by Gen Agent Trust Hub on Mar 2, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to Indirect Prompt Injection (Category 8) due to the way it handles external data.
  • Ingestion points: The script scripts/github_trending.py fetches content from the GitHub Trending page and raw README files from raw.githubusercontent.com via the get_repository_readme function.
  • Boundary markers: There are no specific delimiters or protective instructions wrapping the retrieved content to prevent the agent from obeying instructions embedded within a repository's README.
  • Capability inventory: The script executes network requests using the requests library and prints output to stdout, which is then interpreted by the AI agent.
  • Sanitization: While the script truncates README content to 50,000 characters, it does not sanitize the text for malicious prompt injection patterns (e.g., 'ignore previous instructions').
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 2, 2026, 05:48 AM