Skip to content
wyattowalsh/agents | AI Agent Configs
Docs
agentic-actions-auditor

agentic-actions-auditor

Curated third-party skill source. Run external-skill-auditor before repo promotion.

agentic-actions-auditor18 wordsInspect firstinspect-then-install
Curated third-party skill source. Run external-skill-auditor before repo promotion.

Quick Start

Install:

npx skills add trailofbits/skills --skill differential-review --skill agentic-actions-auditor --skill variant-analysis --skill insecure-defaults --skill supply-chain-risk-auditor --skill modern-python -y -g -a antigravity claude-code codex crush cursor gemini-cli github-copilot grok opencode

Use: /agentic-actions-auditor

Works with Claude Code, Gemini CLI, OpenCode, and other agentskills.io-compatible agents.

What It Does

Section titled “What It Does”

Audits GitHub Actions workflows for AI agent security vulnerabilities specific to integrations like Claude Code Action, Gemini CLI, OpenAI Codex, and GitHub AI Inference. Detects 9 attack vectors (env var intermediary, direct ${{}} injection, gh CLI data fetch at runtime, pull_request_target+checkout, error log injection, subshell bypass, eval of AI output, dangerous sandboxes like —yolo, wildcard allowlists). From Trail of Bits skills marketplace.

Harness Coverage

Section titled “Harness Coverage”

Targets verified harnesses: antigravity, claude-code, codex, crush, cursor, gemini-cli, github-copilot, grok, opencode.

Portable multi-harness install command:

Terminal window
npx skills add trailofbits/skills --skill differential-review --skill agentic-actions-auditor --skill variant-analysis --skill insecure-defaults --skill supply-chain-risk-auditor --skill modern-python -y -g -a antigravity claude-code codex crush cursor gemini-cli github-copilot grok opencode

Trust / Audit

Section titled “Trust / Audit”

Trust tier: Inspect first (needs-inspection)

Curated status: inspect-then-install

Risk notes: Curated third-party skill source. Run external-skill-auditor before repo promotion.

Entry maintained via authoring + research for compose-external-wave-1; provenance and audit notes are authoritative there (research context is advisory).

Install Prerequisites

Section titled “Install Prerequisites”

Install: npx skills add trailofbits/skills --skill agentic-actions-auditor -y -g -a antigravity claude-code codex crush cursor gemini-cli github-copilot grok opencode status=inspect-then-install; selector=named. Best with .github/ workflows present. Run external-skill-auditor first per policy.

FieldValue
Source Typecurated-external
Display Sourcetrailofbits/skills
Source Kindgithub
Installabilityportable command
Review Statecurated
Trust Tierneeds-inspection
Target Agentsantigravity, claude-code, codex, crush, cursor, gemini-cli, github-copilot, grok, opencode
Curated catalog entry
docs/src/authoring/skills/agentic-actions-auditor.mdx (full SSOT excerpt)
---
name: "agentic-actions-auditor"
description: "Curated third-party skill source. Run external-skill-auditor before repo promotion."
title: "Agentic Actions Auditor"
source_kind: "curated-external"
source: "trailofbits/skills"
install_source: "trailofbits/skills"
status: "inspect-then-install"
trust_tier: "needs-inspection"
provenance_status: "verified-install-command"
install_command: "npx skills add trailofbits/skills --skill differential-review --skill agentic-actions-auditor --skill variant-analysis --skill insecure-defaults --skill supply-chain-risk-auditor --skill modern-python -y -g -a antigravity claude-code codex crush cursor gemini-cli github-copilot grok opencode"
target_agents: [antigravity, claude-code, codex, crush, cursor, gemini-cli, github-copilot, grok, opencode]
source_url: "https://github.com/trailofbits/skills"
notes: "Curated third-party skill source. Run external-skill-auditor before repo promotion."
risk_notes: "Curated third-party skill source. Run external-skill-auditor before repo promotion."
promotion_policy: "Inspect source, hooks, scripts, credentials, and dedupe before install."
provenance_evidence: "Curated `npx skills add` command with named `--skill` selectors under `inspect-then-install` in config/external-skills.md."
---


{/* GENERATED-AUTHORING: source=config/external-skills.md; entry=agentic-actions-auditor; re-run migration to refresh */}


Curated third-party skill source. Run external-skill-auditor before repo promotion.

Install / provenance (from authoring frontmatter + research):

FieldValue
install_commandnpx skills add trailofbits/skills --skill differential-review --skill agentic-actions-auditor --skill variant-analysis --skill insecure-defaults --skill supply-chain-risk-auditor --skill modern-python -y -g -a antigravity claude-code codex crush cursor gemini-cli github-copilot grok opencode
sourcetrailofbits/skills
source_urlhttps://github.com/trailofbits/skills
trust_tierneeds-inspection
curated_statusinspect-then-install
target_agentsantigravity, claude-code, codex, crush, cursor, gemini-cli, github-copilot, grok, opencode

Resources

Section titled “Resources”
Skill Catalog Browse custom and external skills.
CLI Reference Install and manage skills.
Built & designed by shadcn. Ported to Astro Starlight by Adrián UB. The source code is available on GitHub.
Home Start Here Skills Agents MCP CLI

Skills

Catalog Install Custom

Agents

Agents code-reviewer docs-writer orchestrator performance-profiler planner release-manager researcher security-auditor

MCP

MCP Servers mcphub

Hooks

Hooks codex-destructive-shell-guard codex-permission-request-guard codex-post-tool-verify-context codex-protected-file-guard codex-session-start-context codex-stop-truth-gate destructive-shell-guard post-edit-format post-edit-lint prompt-log protected-file-guard research-dangerous-shell-guard research-evidence-ledger research-prompt-triage-context research-readonly-write-guard research-stop-verifier session-start

Harness Config

Harness Config mcp-registry sync-manifest tooling-policy