repo-prep
Pass
Audited by Gen Agent Trust Hub on Jun 15, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill fetches license templates from the SPDX official GitHub repository and .gitignore templates from the GitHub gitignore repository. These are recognized as well-known and trusted external sources.
- [PROMPT_INJECTION]: The 'Authorship Wizard' feature introduces a surface for indirect prompt injection.
- Ingestion points: The skill is instructed to gather evidence from the repository being processed, including reading
git logoutput,CHANGELOG.md,README.md, Architectural Decision Records (ADRs) in thedocs/directory, and AI context files likeCLAUDE.mdorAGENTS.md. - Boundary markers: No specific delimiters or safety instructions are defined to separate ingested data from agent instructions during this process.
- Capability inventory: The skill can write files to the local system, execute bundled Python scripts, and invoke the GitHub CLI (
gh) for repository management tasks. - Sanitization: The instructions do not define any validation or sanitization steps for the data retrieved from external files before it is processed by the agent.
Audit Metadata