repomix

Fail

Audited by Socket on Feb 16, 2026

1 alert found:

Malware (HIGH)
SKILL.md

[Skill Scanner] Installation of third-party script detected

All findings:
[CRITICAL] command_injection: Installation of third-party script detected (SC006) [AITech 9.1.4]
[CRITICAL] command_injection: Installation of third-party script detected (SC006) [AITech 9.1.4]
[CRITICAL] command_injection: Instruction to copy/paste content into terminal detected (CI012) [AITech 9.1.4]
[HIGH] data_exfiltration: Credential file access detected (DE002) [AITech 8.2.3]

This skill documentation and CLI surface are coherent with the stated purpose of packaging repositories for LLM consumption. There is no clear evidence of malicious code or credential-harvesting behavior in the provided documentation itself. The primary concerns are operational: the docs leave ambiguous whether any processed repository contents may be uploaded to an external 'MCP Server' or other third-party endpoints for AI assistant integration, and the ability to disable secret detection (--no-security-check) increases the chance of accidental exposure. Recommend: verify the implementation network behavior before using remote-processing or assistant-integration features, ensure secretlint runs by default, and require explicit opt-in and clear auth for any third-party uploads. Overall: likely benign but with moderate operational risk due to unclear external integration points.

LLM verification: The skill documentation and feature set are coherent with a legitimate repository-packaging tool. I found no direct malicious code in this text, no hardcoded secrets, and no obvious obfuscation. However, several features widen the attack surface: remote repository processing without clear validation, an option to disable Secretlint checks, a clipboard copy option, and an unspecified MCP Server integration. These features are reasonable for functionality but can be abused for credential harvestin

Confidence: 95%
Severity: 90%

Audit Metadata

Analyzed At: Feb 16, 2026, 10:45 AM
Package URL: pkg:socket/skills-sh/duonglx%2Fchanmayfoods%2Frepomix%2F@d759b3dab5c5b18c69a309ab7816e4ad033eb745