finding-on-github

Pass

Audited by Gen Agent Trust Hub on Apr 13, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes standard command-line tools git and gh to perform read-only operations such as git blame, git show, and searching for issues or pull requests. These are used according to their intended purposes for repository analysis.
  • [DATA_EXFILTRATION]: The skill performs network operations specifically to GitHub's official APIs via the gh tool. These operations are limited to fetching public repository data (commits, issues, PRs) and do not involve sensitive local files or unauthorized data transmission.
  • [PROMPT_INJECTION]: The skill processes data from external sources (GitHub issue titles and descriptions). While this technically exposes a surface for indirect prompt injection, the risk is minimal as the skill's instructions focus on summarizing status and reporting findings rather than executing instructions found within that external data.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 13, 2026, 10:25 PM
Security Audit — agent-trust-hub — finding-on-github