gitnexus-guide

Pass

Audited by Gen Agent Trust Hub on Apr 5, 2026

Risk Level: SAFE | PROMPT_INJECTION | COMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill provides tools to analyze untrusted codebase data, which introduces a surface for indirect prompt injection attacks.
      • Ingestion points: Data enters the system via code intelligence tools (query, context, cypher) and gitnexus:// MCP resources.
      • Boundary markers: No delimiters or safety instructions are defined to prevent the agent from processing instructions found within the code.
      • Capability inventory: The skill allows for code modification using the rename tool and mentions the npx gitnexus analyze command.
      • Sanitization: The guide does not mention any sanitization or validation of the codebase data being processed.
  • [COMMAND_EXECUTION]: The skill documentation recommends that users run npx gitnexus analyze to update the codebase index, which is a standard operation for the GitNexus toolset.
Audit Metadata
  Risk Level: SAFE
  Analyzed: Apr 5, 2026, 12:31 AM