relay
Pass
Audited by Gen Agent Trust Hub on May 24, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill manages GitHub workflows through standard command-line interfaces (git, gh) and local Node.js scripts. All external script calls use relative paths within the vendor's own suite, posing no unexpected execution risks.
- [PROMPT_INJECTION]: The skill processes untrusted input from GitHub issues and user descriptions. It proactively mitigates the risk of indirect prompt injection by using explicit boundary markers (e.g., <task-content> tags) and specific instructions in its templates to ignore any embedded directives in external content. Evidence found in references/prompt-template.md.
- [COMMAND_EXECUTION]: Shell commands are used for legitimate project management tasks such as branch creation, issue viewing, and PR management. No evidence of unsafe shell interpolation or privilege escalation was found. Evidence in SKILL.md (Steps 1.5, 1.7, 3, 4).
Audit Metadata