pipe
Pass
Audited by Gen Agent Trust Hub on Apr 10, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill provides comprehensive and accurate security guidance for GitHub Actions, including protection against supply-chain attacks and script injection.
- [SAFE]: All instructions emphasize defensive patterns, such as pinning actions to commit SHAs (referencing CVE-2025-30066 as cautionary context) and avoiding 'write-all' permissions.
- [SAFE]: It identifies and provides mitigations for known CI/CD attack vectors, such as the 'pull_request_target' vulnerability and untrusted input interpolation in shell scripts.
- [SAFE]: The content is purely documentation and reference-based; it contains no executable code, scripts, or network-active components that pose a risk to the environment.
- [SAFE]: No obfuscation, data exfiltration, or persistence mechanisms were detected in any of the provided markdown files.
Audit Metadata