repomix
Warn
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: MEDIUM
Findings: CREDENTIALS_UNSAFE, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- [CREDENTIALS_UNSAFE] (MEDIUM): Documentation indicates the script loads environment variables from multiple sensitive .env files. This poses a risk of accidentally exposing secrets in the output.
- [COMMAND_EXECUTION] (MEDIUM): The utility wraps the repomix CLI and processes inputs from a JSON configuration file. Without source code, this pattern suggests a risk of command injection if input paths are not sanitized.
- [EXTERNAL_DOWNLOADS] (LOW): Requires external installation of the repomix CLI tool from npm.
- [PROMPT_INJECTION] (LOW): The tool ingests untrusted repository data (Indirect Prompt Injection surface). Evidence:
  1. Ingestion: remote/local repos.
  2. Boundary markers: XML/Markdown/JSON styles.
  3. Capability inventory: CLI execution and file writing.
  4. Sanitization: Optional Secretlint-based security checks, bypassable via --no-security-check.
Audit Metadata