github-actions-author

Pass

Audited by Gen Agent Trust Hub on Jun 20, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill possesses an indirect prompt injection attack surface as it is designed to ingest and analyze untrusted content from the local workspace.
    • Ingestion points: The workflow involves reading existing workflow files, package.json, lockfiles, workspace configurations, and test scripts (SKILL.md).
    • Boundary markers: The instructions do not specify any delimiters or explicit 'ignore' instructions for the agent when processing these external files.
    • Capability inventory: The skill uses the GitHub CLI (gh) and git to query repository metadata and has the capability to write or modify YAML files in the .github/workflows/ directory.
    • Sanitization: There is no evidence of programmatic sanitization or validation of the content ingested from the repository before it is evaluated by the agent.
Audit Metadata
Risk Level: SAFE
Analyzed: Jun 20, 2026, 01:13 PM
Security Audit — agent-trust-hub — github-actions-author