Skills
skills/andreacovelli/my-skills/gh-cli/Gen Agent Trust Hub

gh-cli

Pass

Audited by Gen Agent Trust Hub on Jun 13, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill is designed to execute local shell commands using the GitHub CLI (gh) for a wide range of operations including repository cloning, issue management, and Action workflow monitoring.
  • [PROMPT_INJECTION]: There is an indirect prompt injection surface area because the skill reads content from untrusted external sources, specifically GitHub issues, pull request descriptions, and Action logs (e.g., via gh issue view, gh pr view, and gh run view --log).
  • Ingestion points: references/common-patterns.md contains examples for viewing issues, PRs, and logs.
  • Boundary markers: None explicitly specified for handling external data.
  • Capability inventory: Extensive shell execution capabilities via the gh tool, including mutating repository states.
  • Sanitization: The skill relies on natural language safety rules rather than technical sanitization for processed data.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 13, 2026, 12:43 PM
Security Audit — agent-trust-hub — gh-cli