org-search
Pass
Audited by Gen Agent Trust Hub on Jul 2, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill's primary function is to search across multiple repositories using JetBrains' experimental
jbcontextCLI and the official GitHub CLI (gh). These are legitimate developer tools used for organization-wide code analysis. - [COMMAND_EXECUTION]: The skill uses shell commands to interact with internal and external tools (e.g.,
jbcontext repos,jbcontext search,gh repo view). This execution is well-defined, scoped to the user's repository access, and matches the described purpose of the skill. - [DATA_EXFILTRATION]: There are no signs of data being sent to untrusted third-party domains. All data operations (searching and reading) occur within the organization's GitHub environment or through the authorized
jbcontextservice. - [INDIRECT_PROMPT_INJECTION]: The skill processes untrusted data in the form of repository contents and search results. While this constitutes an attack surface, the instructions guide the agent through a standard research workflow without granting unsafe capabilities like arbitrary file writing or persistence. No specific bypass patterns were identified.
Audit Metadata