migrate-from-gha

Pass

Audited by Gen Agent Trust Hub on May 3, 2026

Risk Level: SAFE
COMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes the rwx CLI tool to perform several operations essential to its function.
      • It executes rwx docs pull to fetch reference documentation directly to stdout, avoiding external web fetching tools.
      • It executes rwx docs search to find relevant documentation pages when specific queries are needed.
      • It executes rwx lint to validate the syntax and integrity of the generated RWX configuration files.
      • These commands are standard administrative and development operations within the vendor's ecosystem.
  • [INDIRECT_PROMPT_INJECTION]: The skill processes untrusted GitHub Actions workflow files provided by the user, which presents a surface for indirect prompt injection.
      • Ingestion points: The source workflow file located at the path provided in $ARGUMENTS is read and analyzed in Step 1.
      • Boundary markers: The instructions do not define specific delimiters or instructions to ignore embedded content within the source YAML file.
      • Capability inventory: The skill has the ability to read and write files within the .rwx/ directory and execute the rwx CLI tool.
      • Sanitization: There is no explicit logic described for sanitizing or escaping content from the source workflow before it is used to generate the new configuration or displayed to the user.
Audit Metadata
Risk Level: SAFE
Analyzed: May 3, 2026, 08:27 PM