Skills
skills/rshade/agent-skills/actionlint/Gen Agent Trust Hub

actionlint

Pass

Audited by Gen Agent Trust Hub on Apr 22, 2026

Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill processes untrusted GitHub Action workflow files which could contain malicious instructions designed to mislead the agent during the validation process (Indirect Prompt Injection).
  • Ingestion points: Reads content from .github/workflows/*.yml for validation.
  • Boundary markers: No delimiters or ignore instructions are used when reading or processing the workflow files.
  • Capability inventory: The skill executes shell commands via actionlint and reports results back to the agent context.
  • Sanitization: There is no sanitization or escaping of the workflow content before it is processed or reported.
  • [EXTERNAL_DOWNLOADS]: The skill downloads the actionlint binary from GitHub's official repository via the releases API (api.github.com/repos/rhysd/actionlint/releases/latest). This is a well-known service and the source is appropriate for the skill's purpose.
  • [COMMAND_EXECUTION]: The skill performs system-level modifications by attempting to install the actionlint binary into /usr/local/bin using tar and curl commands. While standard for tool installation, this modifies the system environment.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 22, 2026, 09:59 AM