sanitize-git-repo
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- PROMPT_INJECTION (LOW): This skill is vulnerable to indirect prompt injection (Category 8) because it involves reading and processing untrusted data from repository files.
- Ingestion points: The agent is instructed to scan all files within a git repository, including configuration files (.env, config.*), documentation, and data files (JSON, YAML).
- Boundary markers: The skill does not provide instructions for using delimiters or warnings to ignore instructions found within the scanned files.
- Capability inventory: The skill requires the agent to perform file read/write operations and execute shell commands (grep).
- Sanitization: No sanitization or filtering of external content is mentioned.
- COMMAND_EXECUTION (SAFE): The use of grep for searching sensitive patterns is necessary for the skill's primary purpose and is used safely in the examples provided.
- CREDENTIALS_UNSAFE (SAFE): The skill lists common secret patterns and example strings (e.g., AKIA..., ghp_...) for discovery purposes. These are not active credentials and are used as search templates.
Audit Metadata