repomix

Pass

Audited by Gen Agent Trust Hub on May 15, 2026

Risk Level: SAFE
Tags: EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION

Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill uses npx to fetch and run the repomix package from the npm registry and provides instructions for using a Docker image from ghcr.io.
  • [COMMAND_EXECUTION]: The skill executes CLI commands such as npx, docker, git, and find to traverse directories and process codebases.
  • [PROMPT_INJECTION]: By aggregating code from local or remote repositories for LLM analysis, the tool creates a surface for indirect prompt injection: instructions embedded in the processed code could influence the analyzing agent.
  • [DATA_EXFILTRATION]: The core function of the tool is to consolidate repository data for analysis by external AI models. The skill documentation highlights a security feature that uses Secretlint to detect and block the inclusion of sensitive credentials in the generated output file.
Audit Metadata
Risk Level: SAFE
Analyzed: May 15, 2026, 04:35 PM
Security Audit — agent-trust-hub — repomix