Skills
skills/github/gh-aw/gh-agent-task/Gen Agent Trust Hub

gh-agent-task

Pass

Audited by Gen Agent Trust Hub on May 13, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill facilitates the installation of the github/agent-task extension using the GitHub CLI (gh extension install). This targets an official repository from a trusted organization.\n- [PROMPT_INJECTION]: The skill represents an indirect prompt injection surface by design, as it processes natural language task descriptions from external sources (like issues or files) to trigger automated code changes. This is an inherent risk in task delegation workflows.\n
  • Ingestion points: Natural language descriptions provided via command arguments or the --from-file flag in the gh agent-task create and update commands.\n
  • Boundary markers: No specific delimiters or instructions are used to isolate the natural language input from the agent's instructions.\n
  • Capability inventory: The skill executes shell commands via the GitHub CLI to create and manage repository issues and pull requests.\n
  • Sanitization: The instructions do not specify any validation or sanitization of the task descriptions before they are used in command execution.
Audit Metadata
Risk Level
SAFE
Analyzed
May 13, 2026, 02:32 PM
Security Audit — agent-trust-hub — gh-agent-task