skills/welldundun/selftune/Reins/Gen Agent Trust Hub

Reins

Pass

Audited by Gen Agent Trust Hub on Mar 9, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill invokes shell commands such as 'npx reins-cli', 'npx skills', and 'bun' to perform repository operations like auditing and scaffolding.
  • [EXTERNAL_DOWNLOADS]: It relies on 'npx' to fetch and execute the 'reins-cli' and 'skills' packages from the NPM registry.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection (Category 8). Ingestion points: it parses multiple repository files (e.g., 'AGENTS.md', 'ARCHITECTURE.md') via the CLI tool across its workflows. Boundary markers: none identified in the instructions. Capability inventory: the agent can write files ('reins init', 'reins evolve') and execute shell commands. Sanitization: the skill does not specify any sanitization or validation for the content processed from target repositories.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 9, 2026, 12:28 PM