make-repo-agent-legible

Pass

Audited by Gen Agent Trust Hub on Apr 3, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill's instructions and reference files are focused on established software development best practices and repository organization. No malicious patterns, obfuscation, or unauthorized data exfiltration were detected.
  • [PROMPT_INJECTION]: The skill is designed to ingest and process entire software repositories, creating an attack surface for indirect prompt injection.
      • Ingestion points: The agent is instructed to read AGENTS.md, architecture documentation, and repository source code (SKILL.md Workflow Steps 1 and 2).
      • Boundary markers: Absent; the workflow does not specify the use of delimiters or instructions to ignore embedded prompts found within the repository files.
      • Capability inventory: The agent has capabilities for file creation (Default Deliverables) and interaction with local systems, CLIs, and logs for behavior inspection (SKILL.md Workflow Step 8).
      • Sanitization: Absent; the instructions do not describe sanitization or validation of the content read from the repository.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Apr 3, 2026, 03:28 AM