github-automation

Pass

Audited by Gen Agent Trust Hub on Apr 17, 2026

Risk Level: SAFE
COMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the official GitHub CLI (gh) to perform repository and project management tasks. This is the primary intended behavior of the skill and uses standard, non-obfuscated command patterns.
  • [DATA_EXFILTRATION]: No unauthorized data exfiltration patterns were detected. All network communication is directed to GitHub's official infrastructure via the gh tool.
  • [PROMPT_INJECTION]: The skill has an indirect prompt injection surface because it reads external content from GitHub (issue bodies, pull request descriptions, and search results). However, this is inherent to the tool's purpose and is mitigated by instructions requiring user confirmation for destructive or state-changing actions.
      • Ingestion points: gh issue view, gh pr view, gh search (SKILL.md)
      • Boundary markers: Absent
      • Capability inventory: GitHub API write access via gh commands for issues, PRs, and repositories (SKILL.md)
      • Sanitization: Absent
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 17, 2026, 04:43 PM