code-to-pantry
Pass
Audited by Gen Agent Trust Hub on Apr 4, 2026
Risk Level: SAFECOMMAND_EXECUTIONDATA_EXFILTRATION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes Git and GitHub CLI commands (
gh repo clone,git add,git commit,git push) to manage the external 'pantry' repository.- [DATA_EXFILTRATION]: The skill is designed to move segments of code from the local codebase to a remote GitHub repository (github.com/nweii/pantry). To prevent accidental exposure of secrets or proprietary context, the skill requires the agent to propose an abstraction plan for user approval and follow strict rules for removing app-specific identifiers and hardcoded values.- [REMOTE_CODE_EXECUTION]: The skill references a pre-commit hook (scripts/sync.js) located in the cloned repository. This script is intended to run locally during the commit process. Since the repository is a vendor-owned resource, this is documented as standard repository automation.
Audit Metadata