repomix
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Tags: EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [External Downloads] (MEDIUM): The skill requires installing the repomix CLI tool via npm install -g repomix. While repomix is a known utility for this purpose, it originates from an external source not included in the designated trusted organizations list.
- [Command Execution] (LOW): The core functionality of the skill involves executing CLI commands through the repomix binary to analyze file structures and generate consolidated context files.
- [Prompt Injection] (LOW): This skill presents an Indirect Prompt Injection surface (Category 8) by ingesting and formatting untrusted codebase data for AI consumption.
  - Ingestion points: Processes local file paths and remote repository URLs via the --remote flag.
  - Boundary markers: Supports XML, Markdown, and JSON formatting, which provide structural delimiters for file content.
  - Capability inventory: The skill executes shell commands and potentially writes aggregate repository data to files or the clipboard.
  - Sanitization: Uses Secretlint by default to detect hardcoded secrets; however, it lacks specific sanitization for malicious instructions or hidden patterns embedded in the analyzed code.
Audit Metadata