Skills
skills/zjy365/gh-explorer/github-trending/Gen Agent Trust Hub

github-trending

Pass

Audited by Gen Agent Trust Hub on May 12, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [REMOTE_CODE_EXECUTION]: The skill uses npx --yes gh-explorer to run a CLI tool. This command downloads and executes code from the npm registry. While npm is a standard registry, the package is maintained by a third party and the --yes flag bypasses user confirmation for installation.
  • [EXTERNAL_DOWNLOADS]: Fetches the gh-explorer package from the official npm registry.
  • [COMMAND_EXECUTION]: User-provided parameters for language, timeframe, and limits are interpolated into shell commands. There is a potential for command injection if the agent does not validate the values before running the shell command.
  • [PROMPT_INJECTION]: The skill processes untrusted external data (GitHub repository names and descriptions) which can contain malicious instructions designed to manipulate the agent's response. Ingestion points: Results from the gh-explorer CLI command in SKILL.md. Boundary markers: None specified in the instructions to separate data from the system prompt. Capability inventory: The agent is instructed to summarize results but does not perform file writes or further command execution on the data. Sanitization: No sanitization or escaping of the fetched data is described.
Audit Metadata
Risk Level
SAFE
Analyzed
May 12, 2026, 09:36 AM
Security Audit — agent-trust-hub — github-trending