Skills
skills/notque/claude-code-toolkit/github-actions-check/Gen Agent Trust Hub

github-actions-check

Pass

Audited by Gen Agent Trust Hub on Apr 1, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill's error handling documentation suggests using sudo apt install gh. Providing logic that encourages the use of sudo introduces a potential privilege escalation vector if the agent attempts to execute the command.
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection (Category 8c) because it reads and processes external, untrusted data from GitHub Action logs. An attacker could potentially embed malicious instructions within these logs to manipulate the agent's interpretation of failures or its suggested reproduction steps.
  • Ingestion points: The agent ingests data from gh run view --log-failed (SKILL.md).
  • Boundary markers: Absent; there are no instructions to the agent to treat the log data as untrusted or to ignore any embedded commands.
  • Capability inventory: The skill is granted access to the Bash tool, allowing for command execution based on findings from the logs.
  • Sanitization: Absent; the skill does not perform any validation or filtering on the logs before they are presented to or analyzed by the agent.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 1, 2026, 05:55 AM
Security Audit — agent-trust-hub — github-actions-check