django-simplifier
Pass
Audited by Gen Agent Trust Hub on Jun 16, 2026
Risk Level: SAFE
COMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The scripts/analyze_django.py script uses subprocess.run to orchestrate the execution of internal analysis scripts. This is implemented securely by passing arguments as a list and avoiding the use of shell=True, which prevents shell injection vulnerabilities.
- [SAFE]: The skill uses Python's built-in ast module to perform static code analysis. This method ensures that the user's source code is parsed into a tree for inspection but never executed, eliminating the risk of runtime exploitation from the analyzed content.
- [SAFE]: The skill identifies security-related anti-patterns such as hardcoded SECRET_KEY values, enabled DEBUG modes, and unsafe template filtering, acting as a security linter rather than a threat.
Audit Metadata