integration-analysis
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill automatically identifies and clones remote GitHub repositories discovered during its analysis phase. It uses the
gh repo clonecommand to fetch code from organizations detected in local git remotes for deeper system profiling. - [COMMAND_EXECUTION]: The skill executes shell commands via the GitHub CLI (
gh api,gh repo clone) and filesystem operations to recursively discover and manage codebases based on integration signals. - [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it ingests and processes untrusted data from multiple sources including local configuration directories, documentation, and external repositories cloned from GitHub. It lacks explicit boundary markers or sanitization instructions to prevent malicious content within these sources from influencing agent behavior during profiling and planning phases.
Audit Metadata