github-actions
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- Prompt Injection (SAFE): The content consists of educational guidelines and does not contain instructions to override agent behavior or bypass safety filters.
- Data Exposure & Exfiltration (SAFE): No hardcoded credentials or sensitive file paths were found. The skill actively advises users on how to protect secrets and avoid exfiltration.
- Obfuscation (SAFE): No Base64, zero-width characters, or other encoding techniques were used to hide content.
- Unverifiable Dependencies & Remote Code Execution (SAFE): No scripts, package managers (npm/pip), or remote downloads are present in the skill.
- Privilege Escalation (SAFE): The skill promotes the principle of least privilege and contains no commands for acquiring elevated system permissions.
- Indirect Prompt Injection (SAFE): The skill is a static reference document and does not provide mechanisms for ingesting or processing untrusted external data.
Audit Metadata