gh
Pass
Audited by Gen Agent Trust Hub on Mar 17, 2026
Risk Level: SAFE | COMMAND_EXECUTION | PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill facilitates the execution of local shell commands via the GitHub CLI. Evidence: Commands such as gh auth status, gh repo create, and gh pr merge are defined in SKILL.md.
- [PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection.
  - Ingestion points: Data is ingested from GitHub issues and pull requests via gh issue list and gh pr list (SKILL.md).
  - Boundary markers: Absent.
  - Capability inventory: Command execution via gh CLI (SKILL.md).
  - Sanitization: Absent.
Audit Metadata