review

Pass

Audited by Gen Agent Trust Hub on May 14, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill implements a repository audit workflow for identifying sensitive information and repository maturity gaps. The operations defined, such as searching files and checking metadata, are aligned with the stated purpose of an openness audit.
  • [DATA_EXFILTRATION]: The skill instructions specify searching for sensitive patterns like API keys, private keys, and the presence of .env files. This is a legitimate function for a security audit tool and does not involve exfiltration to external systems.
  • [PROMPT_INJECTION]: The skill processes untrusted data from the repository being audited, which introduces a surface for indirect prompt injection where malicious instructions in source files could influence the agent's behavior.
      • Ingestion points: Files within the repository including source code, READMEs, and package metadata files.
      • Boundary markers: Not present. The skill does not instruct the agent to use specific delimiters or to ignore embedded instructions within audited data.
      • Capability inventory: The agent has capabilities to read files and is encouraged to offer to fix identified issues.
      • Sanitization: None specified for the content read from files.
Audit Metadata
Risk Level: SAFE
Analyzed: May 14, 2026, 01:34 AM
Security Audit — agent-trust-hub — review