gitnexus-debugging
Pass
Audited by Gen Agent Trust Hub on Jun 20, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The instructions describe running 'npx gitnexus analyze' in the terminal to refresh the code index, which is a routine maintenance task for developers using this tool.
- [EXTERNAL_DOWNLOADS]: The skill mentions the 'gitnexus' tool, which is retrieved from the npm registry via npx. This resource is associated with the skill's primary purpose and author.
- [PROMPT_INJECTION]: The skill interacts with code repositories which represents a surface for indirect prompt injection. 1. Ingestion points: Data is ingested via 'gitnexus_query', 'gitnexus_context', and the 'gitnexus://' protocol. 2. Boundary markers: Not identified. 3. Capability inventory: The skill is focused on read-only information retrieval for debugging and does not include tools for data modification or external transmission. 4. Sanitization: Not identified. The risk is considered low and inherent to the intended use-case of code analysis.
- [SAFE]: No malicious obfuscation, credential theft, or persistence mechanisms were detected. The behavior is consistent with the stated purpose of a debugging assistant.
Audit Metadata