github-integration
Pass
Audited by Gen Agent Trust Hub on Jun 12, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill provides instructions for executing shell commands within cloud environments to install the GitHub CLI. This includes using 'apt update && apt install -y gh' and configuring 'SessionStart' hooks in the '.claude/settings.json' file. These commands are intended for the primary purpose of setting up the environment and are considered standard practice for the target platforms.
- [EXTERNAL_DOWNLOADS]: The skill facilitates the installation of the 'gh' package from official Ubuntu repositories and suggests using 'npx' to install the skill itself from the 'onsager-ai/dev-skills' repository. Both are well-known and expected sources for software distribution in these contexts.
- [CREDENTIALS_UNSAFE]: The documentation provides guidance on managing 'GH_TOKEN' environment variables and GitHub Personal Access Tokens (PATs). It correctly recommends using environment variables and repository secrets rather than hardcoding credentials, following security best practices for secret management in cloud environments.
Audit Metadata