claude-md-auditor
Pass
Audited by Gen Agent Trust Hub on Apr 4, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill performs static analysis of local project configuration files. All processing is handled by provided Python scripts that use the standard library for regular expression matching and reporting. There are no network requests, remote downloads, or subprocess executions of untrusted content.
- [SAFE]: The skill includes robust security checking patterns to identify hardcoded secrets in the files it audits. The analyzer script incorporates a redaction mechanism (`_redact_line`) to protect sensitive information from being fully exposed in generated audit reports.
- [SAFE]: Sample credentials and sensitive paths found in the documentation and test files (e.g., `examples/test_claude_md_with_issues.md`) are dummy data explicitly provided for testing the auditor's detection capabilities and do not represent a credential leak in the skill itself.
Audit Metadata