skills/dnyoussef/ai-chrome-extension/when-managing-multiple-repos-use-github-multi-repo/Gen Agent Trust Hub
when-managing-multiple-repos-use-github-multi-repo
Pass
Audited by Gen Agent Trust Hub on Jun 26, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill invokes several shell scripts (e.g.,
scripts/repo-graph.sh,scripts/multi-repo.sh,scripts/migration.sh) that are expected to be present in the user's environment. It also uses thedotcommand for graph visualization.\n- [EXTERNAL_DOWNLOADS]: Usesnpx claude-flow@alphato initialize the swarm orchestration framework.\n- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection (Category 8) because it analyzes content from external, potentially untrusted repositories.\n - Ingestion points: Codebase content, module boundaries, and repository metadata processed by the
code-analyzerandrepo-architectagents.\n - Boundary markers: None; the instructions do not specify delimiters or warnings to isolate processed data from agent instructions.\n
- Capability inventory: Includes repository cloning, Pull Request creation, and shell command execution via local scripts.\n
- Sanitization: None; there are no steps described to validate or sanitize the data retrieved from external sources before processing.
Audit Metadata