repo-scan
Pass
Audited by Gen Agent Trust Hub on Mar 29, 2026
Risk Level: SAFE
Findings: EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The installation instructions require fetching the skill's implementation from a community-maintained GitHub repository (github.com/haibindev/repo-scan.git). While the process uses a specific commit hash for reproducibility, the repository is not owned by the skill author or a verified organization.
- [COMMAND_EXECUTION]: The setup process involves executing multiple shell commands (git init, git remote, git fetch, git checkout, and cp) to download and deploy the skill into the local environment.
- [PROMPT_INJECTION]: The skill is designed to ingest and analyze arbitrary source code files from various programming environments (C++, Java, Swift, JS/TS).
- Ingestion points: The tool reads file contents, headers, license files, and directory structures across the entire repository (SKILL.md).
- Boundary markers: There are no explicit instructions or delimiters mentioned to prevent the agent from following instructions embedded within the code being audited.
- Capability inventory: The skill possesses the ability to read all files in a repository and generate interactive HTML reports based on that content.
- Sanitization: No sanitization or filtering of external source code content is described, which could allow maliciously crafted comments or code to influence the agent's final report or classification decisions (Indirect Prompt Injection).
Audit Metadata