gitea
Pass
Audited by Gen Agent Trust Hub on Mar 18, 2026
Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION, DATA_EXFILTRATION
Full Analysis
- [COMMAND_EXECUTION]: The skill provides instructions for administrative operations such as service control via systemctl, user and repository management using the gitea admin CLI, and firewall adjustment with ufw. These actions are appropriate for the declared purpose of the skill.
- [DATA_EXFILTRATION]: The skill accesses Gitea configuration files (app.ini) that store sensitive information, including database credentials and security tokens, to perform tasks like backups (gitea dump) and configuration checks. This access is required for managing the service.
- [PROMPT_INJECTION]: The skill facilitates the ingestion of untrusted data from external sources, creating a surface for indirect prompt injection.
  - Ingestion points: Remote repository URLs provided to the migration command in SKILL.md.
  - Boundary markers: No specific boundary markers or warnings are included in the command instructions.
  - Capability inventory: The skill can execute administrative commands and modify system settings as described in SKILL.md.
  - Sanitization: The skill relies on the underlying Gitea software for sanitizing imported data, as no explicit validation steps are provided in the instructions.
Audit Metadata