repo-research-analyst
Pass
Audited by Gen Agent Trust Hub on Mar 30, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is designed to perform systematic research on codebases, including mapping architecture, analyzing documentation, and identifying implementation patterns. No malicious behavior, data exfiltration, or unauthorized command execution was detected.
- [PROMPT_INJECTION]: The skill processes untrusted data from repository files (such as README.md and CONTRIBUTING.md), which represents a surface for indirect prompt injection. However, this activity is inherent to its primary function as a research tool and no high-risk capabilities (like network exfiltration or system modification) are utilized in its instructions.
- Ingestion points: Files are accessed through the Read tool, Grep tool, and Glob tool.
- Boundary markers: None explicitly defined in the prompt instructions.
- Capability inventory: Uses read-only search and file access tools (rg, ast-grep, glob).
- Sanitization: No content sanitization is specified for the ingested file data.
Audit Metadata