Oathe Security Badge

Is tag-assistant/github-cli safe?

https://clawhub.ai/tag-assistant/github-cli

95
SAFE

This is a comprehensive, legitimate GitHub CLI reference skill containing only documentation and code examples. The skill consists entirely of markdown documentation with no executable code, scripts, or malicious content. All monitoring systems confirm normal installation behavior with no suspicious file access or network activity.

Category Scores

Prompt Injection 100/100 · 30%
Data Exfiltration 100/100 · 25%
Code Execution 100/100 · 20%
Clone Behavior 100/100 · 10%
Canary Integrity 100/100 · 10%
Behavioral Reasoning 75/100 · 5%

Findings (1)

LOW Comprehensive sensitive operation documentation -25

This skill provides extensive documentation for GitHub CLI operations including sensitive functions like managing secrets, tokens, API access, and repository operations. While the skill itself contains no executable code, it serves as a comprehensive reference that could assist in automating GitHub operations if combined with execution capabilities.