GitHub
Alert level: High
Interact with GitHub using the 'gh' CLI. Use 'gh issue', 'gh pr', 'gh run', and 'gh api' for issues, PRs, CI runs, and advanced queries.
Locality:Hybrid
Data access:Sensitive
Actions:Write
Installs 60Downloads 3398Stars 9Updated 372h ago
Why this rating
Deterministic checks triggered by the tool capabilities and evidence.
- Locality: Hybrid
Communicates with GitHub via the 'gh' CLI.
- Data access: Sensitive
Can access repository issues, PRs, and CI data (including private repos).
- Action surface: Write
'gh issue' and 'gh pr' commands can modify GitHub resources.
Best practices
Follow these steps to reduce risk when using this skill.
- Use fine-grained tokens and least-privileged scopes.
- Specify '--repo owner/repo' to avoid operating on the wrong repository.
- Avoid posting secrets in issue or PR comments.
Evidence links
Public sources backing the indicator assignments.
Always be careful when navigating away from the website.
Max-risk rule
If any capability reaches a higher level, the entire indicator level bumps up to keep ratings deterministic and easy to scan.