GitHub Agentic Workflows Tools Ecosystem
Pass
Audited by Gen Agent Trust Hub on Apr 14, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is a documentation resource intended for developer guidance. It contains no malicious code, prompt injection attempts, or unauthorized access patterns.
- [COMMAND_EXECUTION]: The skill demonstrates the use of the
bashtool for routine development tasks such as code analysis (eslint), testing (npm test), and build automation. All examples follow standard developer workflows. - [CREDENTIALS_UNSAFE]: Security is addressed through the use of environment variables (e.g.,
$TOKEN) in command examples, demonstrating safe handling of sensitive credentials. - [PROMPT_INJECTION]: While the tools described have the capability to ingest data from external sources, the skill identifies this risk. Evidence chain for indirect injection surface: 1. Ingestion points:
web.search,playwright.browserNavigate, andgithub.getFileContents(SKILL.md). 2. Boundary markers: Not present in code snippets, but recommended in prose documentation. 3. Capability inventory: Includesbash,filesystem.writeFile, andgithub.issueWrite(SKILL.md). 4. Sanitization: The skill provides a 'Security Considerations' section with example functions for validating inputs and sanitizing paths.
Audit Metadata