github-actions
Pass
Audited by Gen Agent Trust Hub on May 7, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill serves as a documentation and guidance resource for GitHub Action development, providing templates and implementation patterns.
- [SAFE]: Includes explicit security best practices, such as recommending the use of core.setSecret for masking sensitive data in logs and enforcing minimal repository permissions.
- [SAFE]: All referenced dependencies (e.g., @actions/core, @actions/github, @vercel/ncc) are official GitHub utilities or well-known industry standard packages.
- [SAFE]: Provides clear warnings and example validation logic to help developers prevent common vulnerabilities like command injection in custom actions.
- [SAFE]: The internal guidance in the "Anti-Fabrication Requirements" section encourages the agent to verify file existence and syntax before claiming capabilities, which promotes accuracy and safe operation.
Audit Metadata