repo-sentinel

Pass

Audited by Gen Agent Trust Hub on Mar 7, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructions and references contain shell commands using git, grep, find, and xargs to audit repository source code and history for secrets and configuration errors.
  • [EXTERNAL_DOWNLOADS]: The skill recommends the installation of third-party tools like gitleaks, trufflehog, and pre-commit from trusted registries and official GitHub repositories.
  • [PROMPT_INJECTION]: The skill is subject to indirect prompt injection because it analyzes untrusted content from repository files, commit messages, and documentation.
    • Ingestion points: Untrusted data is ingested from the git object store and repository files via git grep and git log.
    • Boundary markers: No specific delimiters or boundary instructions are used to separate untrusted repository content from instructions.
    • Capability inventory: The skill performs subprocess execution using git and various security-focused CLI tools.
    • Sanitization: No explicit sanitization or validation of audited data is mentioned before incorporating findings into the agent context.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 7, 2026, 07:10 PM