github-mcp-server
Pass
Audited by Gen Agent Trust Hub on May 16, 2026
Risk Level: SAFE, PROMPT_INJECTION
Full Analysis
- [SAFE]: The skill references official GitHub infrastructure (api.githubcopilot.com) and recommends secure credential management via environment variables and .env file exclusion.
- [PROMPT_INJECTION]: The skill's core functionality involves processing untrusted data from GitHub repositories, issues, and pull requests, which creates a surface for indirect prompt injection.
  - Ingestion points: Repository code, file contents, issue descriptions, and pull request comments are ingested into the agent context (SKILL.md).
  - Boundary markers: No delimiters or specific instructions to ignore embedded prompts are provided in the documentation.
  - Capability inventory: The agent is granted capabilities to create and update issues, manage pull requests, and trigger GitHub Actions workflows (SKILL.md).
  - Sanitization: No content validation or sanitization mechanisms are defined for the ingested data.