repomix
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
NO_CODE, EXTERNAL_DOWNLOADS, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS] (LOW): The documentation recommends the global installation of the repomix CLI tool via npm. While standard for its use case, users should verify the integrity of external packages.
- [DATA_EXFILTRATION] (LOW): The skill is described as accessing sensitive .env files and repository contents. This access is a functional requirement for its primary purpose of preparing code context for AI agents.
- [PROMPT_INJECTION] (LOW): The aggregation of repository data creates a surface for indirect prompt injection.
  - Ingestion points: Processes code from both local directories and remote URLs specified in configuration files.
  - Boundary markers: Supports output formats like XML and JSON designed to help LLMs distinguish content from instructions.
  - Capability inventory: No implementation code was provided for review, though the tool is stated to invoke the Repomix CLI tool via subprocesses.
  - Sanitization: Employs an integrated security scanner (Secretlint) by default to identify and filter credentials and secrets before output generation.
- [NO_CODE] (SAFE): The implementation script repomix_batch.py was not included in the submitted files; therefore, no executable malicious logic or obfuscation was detected.
Audit Metadata