repo-agent-context-audit
Pass
Audited by Gen Agent Trust Hub on Jul 7, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes a bundled Python script (scripts/scan_repo_context.py) to analyze the structure and metadata of files in a repository. The script is designed for read-only discovery and does not perform dangerous operations.
- [INDIRECT_PROMPT_INJECTION]: The skill processes untrusted content from external repositories during the audit workflow, creating a potential surface for indirect prompt injection.
- Ingestion points: scripts/scan_repo_context.py reads file content from the target repository root provided by the user.
- Boundary markers: The skill does not define specific delimiters or instructions to ignore embedded commands when the agent reads audited files.
- Capability inventory: The skill allows the agent to read repository files, execute a bundled Python scanner script, and propose file changes.
- Sanitization: No explicit sanitization or filtering of the ingested file content is performed before evaluation.
Audit Metadata