Skills
skills/takazudo/claude-resources/gh-fetch-issue/Gen Agent Trust Hub

gh-fetch-issue

Pass

Audited by Gen Agent Trust Hub on Jun 21, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes shell scripts that leverage the gh (GitHub CLI) tool to retrieve issue data. This is a standard and expected operation for a GitHub integration tool.
  • [EXTERNAL_DOWNLOADS]: The skill uses curl to download image assets (e.g., from githubusercontent.com and github.com/user-attachments). These downloads are targeted at well-known GitHub media domains and are necessary for the skill's primary function of enabling image visibility for the AI agent.
  • [COMMAND_EXECUTION]: The fetch script uses gh auth token to retrieve the user's existing GitHub session token. This token is used solely to authorize image downloads from GitHub's private asset servers and is not exfiltrated or stored insecurely.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 21, 2026, 08:46 PM
Security Audit — agent-trust-hub — gh-fetch-issue