github

Pass

Audited by Gen Agent Trust Hub on Jun 26, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill uses the official GitHub CLI (gh) to perform common tasks such as viewing pull requests, listing workflow runs, and querying the GitHub API. These are legitimate developer workflows.
  • [COMMAND_EXECUTION]: The commands provided (e.g., gh pr, gh run, gh api) are standard invocations of the GitHub command-line tool. They do not involve shell injection or unsafe privilege escalation.
  • [EXTERNAL_DOWNLOADS]: The skill metadata includes installation instructions for the GitHub CLI using trusted package managers (brew, apt). It does not download or execute scripts from unverified third-party sources.
  • [DATA_EXFILTRATION]: No evidence of credential harvesting or sensitive data exfiltration was found. The skill operates within the scope of the authenticated GitHub environment.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 26, 2026, 03:24 PM
Security Audit — agent-trust-hub — github