peek
Pass
Audited by Gen Agent Trust Hub on Jun 6, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill's documentation provides installation instructions using
npxandgit clonefrom the vendor's official GitHub organization (code-peekr). These are standard distribution methods for the tool and target the vendor's own infrastructure. - [COMMAND_EXECUTION]: The skill suggests using
git remote get-url originto automatically infer the repository name for tool calls. This is a read-only operation intended to provide context to the agent and does not pose a security risk in this context. - [DATA_EXFILTRATION]: The skill core functionality involves sending queries to a hosted API (
codepeekr.dev). While this involves sending codebase-related queries to an external service, it is the stated primary purpose of the skill and requires explicit user configuration of an MCP server and authentication token. - [PROMPT_INJECTION]: The skill processes research results returned by the
ask_repotool. There is a risk of indirect prompt injection if the codebase being analyzed contains malicious instructions designed to influence the agent's summary of the research. - Ingestion points:
SKILL.md(instructions for processing output frommcp__peek__ask_repo) - Boundary markers: Absent in the prompt templates.
- Capability inventory: The agent retains its full suite of local file-editing and command execution tools while using this skill.
- Sanitization: The skill does not specify sanitization for the external service's output.
Audit Metadata