skills/duc01226/easyplatform/repomix/Gen Agent Trust Hub

repomix

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE
Categories: EXTERNAL_DOWNLOADS, PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
  • EXTERNAL_DOWNLOADS (LOW): The skill requires installing the third-party repomix CLI and Python utilities from public registries. This is essential for the skill's primary purpose.
  • PROMPT_INJECTION (LOW): The skill processes untrusted repositories for LLM consumption, creating an indirect prompt injection surface (Category 8).
      • Ingestion points: Processes local and remote repositories via repomix_batch.py and the repomix CLI.
      • Boundary markers: Uses format-specific delimiters (XML, Markdown, JSON) but does not explicitly instruct the agent to ignore instructions embedded in the processed content.
      • Capability inventory: Extensive file-read and concatenation capabilities to aggregate whole codebases.
      • Sanitization: Integrates Secretlint to detect credentials, but does not sanitize malicious natural-language instructions.
  • COMMAND_EXECUTION (LOW): The repomix_batch.py script and SKILL.md instructions involve executing system commands to invoke the repomix CLI, which is the intended behavior.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 17, 2026, 06:23 PM