repomix-reference-black-tortoise
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOW / SAFE
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill is designed to ingest contents from 1,214 external source code files into the agent's context, creating a surface for indirect prompt injection.
  - Ingestion points: `references/files.md` contains the full text of the referenced codebase.
  - Boundary markers: Files are structured with `## File: <path>` headers and line numbers to help the agent differentiate between content and instructions.
  - Capability inventory: The skill is passive and informational; it contains no definitions for command execution (`eval`, `exec`), file modification, or network operations.
  - Sanitization: No content filtering or sanitization of the source code is performed beyond excluding binary files and truncating base64 strings.
- [Data Exposure] (SAFE): The skill configuration in `references/summary.md` demonstrates a strong security posture by explicitly ignoring sensitive paths (e.g., `.env`, `.aws/credentials`, `.ssh/`, `.git/`, and various lock files).
Audit Metadata