review-full

Pass

Audited by Gen Agent Trust Hub on Jun 12, 2026

Risk Level: SAFE COMMAND_EXECUTION EXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes several shell commands to manage its workflow:
      • Uses git rev-parse and pwd to resolve absolute project paths.
      • Uses rm -rf and mkdir -p to prepare a temporary output directory (.llmtmp/review-full/) within the repository root.
      • Uses npx repomix to generate a packed XML snapshot of the codebase for analysis.
  • [EXTERNAL_DOWNLOADS]: Executes npx repomix, which may fetch the repomix utility from the official npm registry if it is not already cached locally.
  • [SAFE]: Implements robust path validation using a case statement to ensure the target path for review remains within the repository's root directory, effectively preventing path traversal or symbolic link escape attacks.
Audit Metadata
Risk Level: SAFE
Analyzed: Jun 12, 2026, 10:21 PM
Security Audit — agent-trust-hub — review-full