github-action-authoring
Pass
Audited by Gen Agent Trust Hub on May 16, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill references several download URLs for installers and binaries.
- Sources include
downloads.ortussolutions.comandwww.ortussolutions.com. - These resources are official distributions from the vendor (Ortus Solutions).
- [REMOTE_CODE_EXECUTION]: Provides instructions for downloading and executing shell scripts (
.shand.ps1) at runtime. - The documentation explicitly recommends saving to a temporary file and executing from the local path rather than using dangerous patterns like
Invoke-Expressionon network content. - This behavior is standard for the described purpose of setting up development environments in CI/CD pipelines.
- [COMMAND_EXECUTION]: Contains a comprehensive reference for Bash and PowerShell commands used to manage the GitHub Actions runner environment.
- Commands include file system operations (
New-Item,Expand-Archive), environment modification (Add-Contentto$env:GITHUB_ENV), and tool verification.
Audit Metadata