github-workflow

Pass

Audited by Gen Agent Trust Hub on Mar 21, 2026

Risk Level: SAFE; findings: PROMPT_INJECTION, NO_CODE
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it interacts with untrusted data from GitHub pull requests and issues.
      • Ingestion points: The agent retrieves external content using commands like gh pr view, gh pr diff, and gh issue view in SKILL.md.
      • Boundary markers: The skill does not provide delimiters or specific instructions to the agent to treat fetched content as untrusted or to ignore embedded instructions.
      • Capability inventory: The skill enables the agent to perform state-changing operations such as gh pr merge, gh pr review --approve, and gh issue close.
      • Sanitization: No sanitization or validation logic is defined for the content retrieved from GitHub.
  • [NO_CODE]: This skill consists entirely of markdown instructions and does not include any executable scripts, binaries, or configuration files that run code.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 21, 2026, 01:09 AM