Repomix Explorer
Verdict: Pass. Audited by ClawScan on May 10, 2026.
Overview
The skill appears to do what it says—use Repomix to inspect repositories—but it runs an unpinned npm CLI and may leave a packed copy of your code on disk.
This skill is reasonable for repository analysis. Before using it on private code, confirm you trust the Repomix npm package, consider pinning the version, limit the directory or file patterns being packed, and delete generated output files that contain sensitive repository content.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Even though using Repomix is central to the skill's purpose, a future or compromised version of the npm package could behave differently from what the skill expects.
The skill runs Repomix through `npx` using the `@latest` tag, so the executed package version can change over time and is fetched from npm at runtime.
Evidence: `npx repomix@latest --remote <repo> --output /tmp/<repo-name>-analysis.xml`
Prefer a pinned Repomix version and ensure the package source is trusted before running it on sensitive repositories.
If repository names, paths, or cleanup targets are not handled carefully, the agent could run a command against the wrong location, or the shell could interpret unsafe metacharacters embedded in an argument.
The skill instructs the agent to run shell commands using user-selected repositories or directories, which is expected for this purpose but still requires careful argument handling.
Evidence: "Execute the repomix command via shell"
Quote and validate repository/path arguments, avoid untrusted shell metacharacters, and ask before running cleanup commands such as `rm`.
Private code, configuration, or accidental secrets in a repository could remain in a generated output file after the task is complete.
Repomix output files can contain a packed copy of repository contents and may be kept after the analysis.
Evidence: "Default output: `./repomix-output.xml` ... Or keep for future reference if space allows"
Run the skill only on repositories you intend to expose for analysis, use scoped include/ignore patterns, and delete generated output files when they contain sensitive content.
