vibe-code-auditor
Pass
Audited by Gen Agent Trust Hub on Apr 1, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: No malicious override or bypass patterns were detected. The instructions use standard instructional language for a software architect persona.
- [DATA_EXFILTRATION]: No evidence of hardcoded credentials, sensitive file path access, or unauthorized network operations was found. The skill does not contain logic to transmit data externally.
- [OBFUSCATION]: The content is clear and uses plain text. No hidden encoding (Base64, Hex), zero-width characters, or homoglyphs were detected.
- [REMOTE_CODE_EXECUTION]: There are no patterns involving the download or execution of remote scripts, package installations, or dynamic code generation.
- [INDIRECT_PROMPT_INJECTION]: While the skill is designed to ingest and process user-provided code (untrusted data), it lacks the dangerous capabilities required for an exploit, such as file writing, command execution, or network communication. The instructions are strictly limited to analysis and reporting.
- [DYNAMIC_CONTEXT_INJECTION]: No use of shell-execution placeholders (such as the exclamation-backtick syntax) was found in the documentation.
Audit Metadata