security-threat-model

Pass

Audited by Gen Agent Trust Hub on Mar 21, 2026

Risk Level: SAFE (flags: COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
  • [SAFE]: The skill incorporates strong security hygiene instructions, explicitly requiring the model to redact any discovered secrets, tokens, or passwords before outputting findings.
  • [COMMAND_EXECUTION]: The instructions utilize the ripgrep tool to explore codebases and involve writing the final security report to a local file. This behavior is necessary for the skill's primary function.
  • [PROMPT_INJECTION]: The skill processes untrusted repository content, which presents a surface for indirect prompt injection where malicious code or comments could attempt to influence the agent's threat model findings.
  • [SAFE]: The analysis workflow is based on sound application security principles, requiring evidence anchors for all architectural claims and explicitly separating production logic from testing or development tools.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 21, 2026, 09:42 AM
Security Audit — agent-trust-hub — security-threat-model