skills/jetbrains/context/org-search/Gen Agent Trust Hub

org-search

Pass

Audited by Gen Agent Trust Hub on Jul 2, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill's primary function is to search across multiple repositories using JetBrains' experimental jbcontext CLI and the official GitHub CLI (gh). These are legitimate developer tools used for organization-wide code analysis.
  • [COMMAND_EXECUTION]: The skill uses shell commands to interact with internal and external tools (e.g., jbcontext repos, jbcontext search, gh repo view). This execution is well-defined, scoped to the user's repository access, and matches the described purpose of the skill.
  • [DATA_EXFILTRATION]: There are no signs of data being sent to untrusted third-party domains. All data operations (searching and reading) occur within the organization's GitHub environment or through the authorized jbcontext service.
  • [INDIRECT_PROMPT_INJECTION]: The skill processes untrusted data in the form of repository contents and search results. While this constitutes an attack surface, the instructions guide the agent through a standard research workflow without granting unsafe capabilities like arbitrary file writing or persistence. No specific bypass patterns were identified.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 2, 2026, 12:29 PM
Security Audit — agent-trust-hub — org-search