github-contributor

Pass

Audited by Gen Agent Trust Hub on May 20, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill serves as a documentation-only guide for open-source contributions. It does not contain executable code, scripts, or automated triggers that could pose a direct security risk.
  • [COMMAND_EXECUTION]: The instructions leverage standard GitHub CLI (gh) and git commands for repository management, project evaluation, and contribution workflows (e.g., gh repo fork, gh pr create). These tools are used according to their intended purpose within the developer workflow.
  • [DATA_EXFILTRATION]: The skill actively encourages security hygiene by advising the redaction of sensitive data, including local absolute paths, secrets, tokens, and internal hostnames, from any logs or evidence provided in issues or pull requests, which helps prevent accidental data exposure.
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface as it involves the ingestion of untrusted data from external GitHub issues and repositories. However, it does not provide capabilities that would automatically execute instructions found in such content without user intervention.
  • Ingestion points: Reading content via gh search, gh issue list, and repository files like README.md or CONTRIBUTING.md.
  • Boundary markers: Not explicitly defined for external content ingestion.
  • Capability inventory: Terminal access for gh commands and suggested npm install for testing bug reproductions.
  • Sanitization: Focuses on manual redaction of sensitive data before submission, but does not provide automated sanitization of ingested content.
Audit Metadata
Risk Level
SAFE
Analyzed
May 20, 2026, 02:12 AM
Security Audit — agent-trust-hub — github-contributor