repo-readiness
Fail
Audited by Gen Agent Trust Hub on Feb 20, 2026
Risk Level: HIGH (COMMAND_EXECUTION, REMOTE_CODE_EXECUTION, EXTERNAL_DOWNLOADS)
Full Analysis
- [COMMAND_EXECUTION] (HIGH): The script bulk_readiness_check.sh executes check_readiness.sh, which is missing from the provided skill files, constituting unverifiable code execution.
- [EXTERNAL_DOWNLOADS] (HIGH): install_hook.sh copies an executable script from a hardcoded external path (/mnt/github/workspace-hub/templates/hooks/pre-task.sh), allowing deployment of code from outside the skill's distribution.
- [REMOTE_CODE_EXECUTION] (HIGH): The skill establishes persistence by installing 'pre-task hooks' in repositories. These hooks run automatically before agent operations and are based on external templates.
- [PROMPT_INJECTION] (LOW): bulk_readiness_check.sh parses untrusted repository data from readiness-report.md files and includes it in a summary report.
  1. Ingestion points: .claude/readiness-report.md files
  2. Boundary markers: Absent
  3. Capability inventory: Subprocess/Bash execution of multiple scripts
  4. Sanitization: Absent
Recommendations
- AI detected serious security threats