github-security-review

Pass

Audited by Gen Agent Trust Hub on Apr 16, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill implements its functionality using transparent shell and Python scripts. It utilizes the official gh CLI to interact with the GitHub API, ensuring that data access is governed by the user's existing permissions and authentication. No instances of obfuscation, exfiltration, or unauthorized persistence were detected.
  • [PROMPT_INJECTION]: The skill processes untrusted data from external GitHub repositories (alert descriptions and messages), which constitutes a surface for indirect prompt injection. This risk is inherent to the skill's purpose and is mitigated by the design, which requires user intervention to apply suggested code fixes.
      • Ingestion points: GitHub security alert data fetched via gh api in scripts/fetch.sh.
      • Boundary markers: None present; alert content is passed into the analysis script and agent context without specific delimiters.
      • Capability inventory: The agent has permissions to read source files and is prompted to write or edit files to apply remediation steps.
      • Sanitization: Security alert messages are truncated to 100-200 characters in scripts/analyze.py but are not sanitized for injection patterns.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 16, 2026, 04:08 PM