github-repository-standards
Pass
Audited by Gen Agent Trust Hub on Apr 19, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection because its core functionality involves scanning and processing the structure and contents of a user's repository root.
- Ingestion points: The agent is instructed to scan the repository root to identify configuration and community files as defined in SKILL.md.
- Boundary markers: The instructions do not include specific delimiters or warnings to ignore potentially malicious instructions embedded in file names or contents within the repository being audited.
- Capability inventory: The agent has the capability to generate and suggest shell commands and modify configuration files like package.json.
- Sanitization: No sanitization or validation of the ingested file names or contents is mentioned before they are used to generate advice or commands.
- [COMMAND_EXECUTION]: The skill generates shell commands and configuration overrides for tool configuration and migration tasks.
- Evidence: The skill provides automated templates for updating package.json scripts, docker build commands, and VS Code settings overrides for standard development tools like ESLint, Prettier, and Jest (documented in references/config-migration-recipes.md).
Audit Metadata