gitnexus-exploring
Warn
Audited by Gen Agent Trust Hub on Jun 20, 2026
Risk Level: MEDIUMCOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent or user to execute
npx gitnexus analyzein the terminal to update stale codebase indices, which runs code on the local environment. - [EXTERNAL_DOWNLOADS]: The command
npx gitnexus analyzefetches thegitnexuspackage from the public npm registry. The skill does not pin the package version or verify its integrity before execution. - [PROMPT_INJECTION]: The skill ingests codebase metadata and execution flows from the GitNexus knowledge graph, creating a vulnerability to indirect prompt injection if the analyzed codebase contains malicious content.
- Ingestion points: Codebase stats, functional area descriptions, and execution traces are loaded via the
gitnexus://resource scheme. - Boundary markers: No explicit markers or 'ignore' instructions are provided to delimit the ingested data from the agent's core instructions.
- Capability inventory: The skill includes tools to query the knowledge graph and instructions to read source files (e.g.,
Read src/payments/processor.ts). - Sanitization: The skill does not define any sanitization or filtering logic for the data retrieved from the codebase knowledge graph.
Audit Metadata