ghmonitor
Pass
Audited by Gen Agent Trust Hub on Apr 13, 2026
Risk Level: SAFECOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: Executes repository-modifying commands such as
git commitandgit pushto automate the fix-and-deploy cycle. - [COMMAND_EXECUTION]: Explicitly instructs the agent to minimize user oversight by automatically pushing fixes and monitoring new runs without confirmation ('don't ask, just do it').
- [DATA_EXFILTRATION]: Accesses potentially sensitive data by reading failure logs via
gh run view --log-failed, which can expose environment variables or secrets. - [PROMPT_INJECTION]: Vulnerable to indirect prompt injection where malicious content in build logs could influence the agent's diagnostic decisions and code modifications.
- Ingestion points: Build logs from GitHub Actions (SKILL.md).
- Boundary markers: None present.
- Capability inventory: File system write access, git commit, and git push.
- Sanitization: No validation of log content is performed before processing.
Audit Metadata