code-search

Pass

Audited by Gen Agent Trust Hub on Mar 2, 2026

Risk Level: SAFE
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: Uses npx to execute the repomix package, which involves fetching the package from the official npm registry if it is not present locally.
  • [COMMAND_EXECUTION]: Executes the command npx repomix --stdout to pack the repository content into a single output for code analysis.
  • [PROMPT_INJECTION]: The skill processes repository data via npx repomix (Ingestion point: repository files). While it lacks explicit delimiters for the packed content (Boundary markers: absent), it is a standard tool for providing LLM context (Capability inventory: npx repomix). No specific sanitization of the packed source code is performed (Sanitization: absent).
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 2, 2026, 06:46 PM