Skills
skills/cycleuser/skills/shen-shi/Gen Agent Trust Hub

shen-shi

Pass

Audited by Gen Agent Trust Hub on May 9, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes the gh and git command-line interfaces to retrieve repository information. Its operations are restricted to read-only actions (GET requests and view commands), which is a security best practice for automated triage tools.
  • [PROMPT_INJECTION]: The skill possesses an indirect prompt injection attack surface because it processes untrusted content from GitHub issues and pull requests. This is a characteristic of the skill's core purpose of analysis.
  • Ingestion points: External data is ingested from GitHub issues and pull requests via gh view commands in SKILL.md.
  • Boundary markers: No explicit delimiters or boundary instructions are provided to the agent to distinguish between repository data and system instructions.
  • Capability inventory: The skill executes shell commands (gh, git) and performs local file system writes to the /tmp directory as specified in SKILL.md.
  • Sanitization: There is no documented evidence of sanitization or filtering of the content retrieved from GitHub before it is analyzed by the agent.
Audit Metadata
Risk Level
SAFE
Analyzed
May 9, 2026, 04:54 PM
Security Audit — agent-trust-hub — shen-shi