repo-agent-context-audit
Pass
Audited by Gen Agent Trust Hub on Jul 2, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes a bundled Python script,
scripts/scan_repo_context.py, to scan and analyze documentation files within a repository. The script is restricted to read-only filesystem operations and does not perform network requests or modify any files. - [PROMPT_INJECTION]: The skill ingests and analyzes documentation files (such as AGENTS.md and CLAUDE.md) that are intended to guide AI agents. This introduces an indirect prompt injection surface where a malicious repository could contain instructions designed to subvert the agent's behavior during the audit.
- Ingestion points: Documentation and specification files (PRODUCT.md, TECH.md, AGENTS.md, etc.) in the repository being audited.
- Boundary markers: Absent; the skill does not explicitly use delimiters or instructions to ignore embedded commands when the agent reads these files.
- Capability inventory: Read-only access to local files and the ability to generate analysis reports.
- Sanitization: Absent; the raw content of the audited files is processed without filtering or validation.
Audit Metadata