production-audit
Pass
Audited by Gen Agent Trust Hub on May 11, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is a purely instructional guide for performing repository audits. It does not contain any malicious code, prompt injections, or obfuscation.
- [DATA_EXFILTRATION]: The skill documentation explicitly prohibits the exfiltration of repository data to third-party services, emphasizing a 'maintainer-safe' approach.
- [REMOTE_CODE_EXECUTION]: The instructions include 'Anti-Patterns' that specifically warn against running unpinned remote packages or scanners, which helps prevent supply chain attacks during the audit process.
- [COMMAND_EXECUTION]: The suggested shell commands (git status, git log, git diff) are standard for repository inspection and do not pose a risk of command injection as they are used for read-only information gathering.