repo-agent-context-audit

Pass

Audited by Gen Agent Trust Hub on Jul 2, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes a bundled Python script, scripts/scan_repo_context.py, to scan and analyze documentation files within a repository. The script is restricted to read-only filesystem operations and does not perform network requests or modify any files.
  • [PROMPT_INJECTION]: The skill ingests and analyzes documentation files (such as AGENTS.md and CLAUDE.md) that are intended to guide AI agents. This introduces an indirect prompt injection surface where a malicious repository could contain instructions designed to subvert the agent's behavior during the audit.
  • Ingestion points: Documentation and specification files (PRODUCT.md, TECH.md, AGENTS.md, etc.) in the repository being audited.
  • Boundary markers: Absent; the skill does not explicitly use delimiters or instructions to ignore embedded commands when the agent reads these files.
  • Capability inventory: Read-only access to local files and the ability to generate analysis reports.
  • Sanitization: Absent; the raw content of the audited files is processed without filtering or validation.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 2, 2026, 11:20 AM
Security Audit — agent-trust-hub — repo-agent-context-audit