exploring-repos
Pass
Audited by Gen Agent Trust Hub on Apr 14, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: Uses the GitHub CLI (
gh) andgit cloneto interact with and retrieve content from public repositories for analysis. - [PROMPT_INJECTION]: Ingestion points: Reads arbitrary content from external repositories via the GitHub API and git cloning. Boundary markers: None; the skill does not explicitly instruct the agent to ignore embedded instructions in the ingested code. Capability inventory: Subprocess execution and network access. Sanitization: None; rely on standard model guardrails when interpreting untrusted documentation and code.
Audit Metadata