finding-triage
Pass
Audited by Gen Agent Trust Hub on Jun 13, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill provides structured, professional instructions for security finding triage, adhering to industry frameworks like OWASP and NIST.
- [SAFE]: It contains explicit ethical boundaries that instruct the agent to refuse requests to 'risk-launder', fabricate sign-offs, or downgrade severities to avoid audit obligations.
- [SAFE]: The allowed tools (Bash, Grep, Glob) are consistent with the skill's purpose of verifying the existence and reachability of vulnerable code paths within a project.
- [SAFE]: There are no signs of obfuscation, remote code execution, or data exfiltration. The skill operates purely as a documentation and analysis aid for the user's provided findings.