github-actions-integration

Pass

Audited by Gen Agent Trust Hub on Jun 22, 2026

Risk Level: SAFE, PROMPT_INJECTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [PROMPT_INJECTION]: Potential indirect prompt injection surface in the workflow templates provided for issue resolution.
      • Ingestion points: The .github/workflows/claude-fix.yml file ingests untrusted data from ${{ github.event.issue.title }} and ${{ github.event.issue.body }} directly into the agent's instructions.
      • Boundary markers: The prompt template lacks delimiters or explicit instructions to distinguish between agent commands and external data content.
      • Capability inventory: The workflows request contents: write and pull-requests: write permissions, allowing the agent to modify code and create PRs based on instructions derived from potentially malicious issues.
      • Sanitization: No sanitization, escaping, or validation of the issue title or body is performed before interpolation into the prompt.
  • [EXTERNAL_DOWNLOADS]: The skill references and utilizes the anthropics/claude-code-action@v1 GitHub Action from a well-known source to facilitate its automated tasks.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Jun 22, 2026, 07:46 AM