The Agent Skills Directory

Input Validation: The PowerShell and Bash scripts both implement regular expression validation for repository owner, name, and branch parameters. This practice mitigates potential command injection risks by ensuring that user-provided strings conform to expected GitHub naming conventions.
Execution Environment Controls: The scripts explicitly suppress the GitHub CLI pager by setting GH_PAGER to an empty string. This ensures that the agent can execute the commands non-interactively without getting stuck in a paging interface.
Least Privilege and Scope: The skill documentation provides clear guidance on the minimal GitHub scopes required (security_events or public_repo). It relies on the user's existing gh CLI authentication rather than asking for or storing sensitive credentials within the skill itself.
Data Processing Considerations: The skill processes external data (code scanning alerts) produced by tools like CodeQL. While this data is retrieved from the user's own GitHub environment, it represents an attack surface for indirect prompt injection if an alert contains malicious instructions. The skill handles this by outputting structured JSON, which helps maintain clear data boundaries for the agent.

gh-code-scanning