search-and-fork
Pass
Audited by Gen Agent Trust Hub on Mar 11, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill utilizes authorized Gitee MCP tools (search_open_source_repositories, fork_repository, get_user_info) for their intended purpose. No evidence of credential theft, remote code execution, or data exfiltration was found.
- [INDIRECT_PROMPT_INJECTION]: The skill processes external repository metadata (READMEs, descriptions) that could contain malicious instructions. This is a functional requirement for evaluating repositories, and the risk is low as the user must confirm the selection before a fork is executed. * Ingestion points: Results from the search_open_source_repositories tool as described in Step 3. * Boundary markers: None provided to separate untrusted content from the agent prompt. * Capability inventory: The skill has the ability to fork repositories to the user's account using the fork_repository tool. * Sanitization: No explicit sanitization or filtering of external repository content is implemented.
Audit Metadata