repo-mapping
Pass
Audited by Gen Agent Trust Hub on Feb 20, 2026
Risk Level: SAFE
Full Analysis
- Prompt Injection (SAFE): No instructions found that attempt to bypass safety filters or override system prompts.
- Data Exposure & Exfiltration (SAFE): The skill reads symbols from the repository and stores them locally. No external network activity or access to sensitive credentials was found.
- Unverifiable Dependencies (SAFE): The skill uses ast-grep but requires explicit user approval for installation, preventing unauthorized code execution.
- Indirect Prompt Injection (LOW): The skill is subject to the inherent risk of indirect prompt injection due to its core function of parsing repository code. 1. Ingestion points: Repository source files. 2. Boundary markers: Metadata is structured in a JSON format. 3. Capability inventory: Local file system access and AST tool execution. 4. Sanitization: Uses structural parsing via ast-grep to interpret code rather than text prompts.
Audit Metadata