Skills
skills/kerim/github-mcp-skill/github-mcp/Gen Agent Trust Hub

github-mcp

Pass

Audited by Gen Agent Trust Hub on Apr 28, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill facilitates the creation of project-level configuration files for GitHub MCP, promoting the principle of least privilege by isolating access tokens to specific projects.
  • [SAFE]: Uses a non-sensitive placeholder (YOUR_TOKEN_HERE) when creating the configuration file, ensuring that the AI agent does not handle or store the actual secret during the setup process.
  • [SAFE]: Automatically updates the project's .gitignore file to include the configuration file, which is a critical safeguard against accidental credential leakage to version control systems.
  • [SAFE]: Explicitly instructs the agent to avoid reading the configuration file after the user has populated it with a token, reducing the risk of accidental secret exposure in chat history.
  • [SAFE]: References official GitHub settings and GitHub Copilot API endpoints for configuration purposes.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 28, 2026, 10:06 AM