public-release
Pass
Audited by Gen Agent Trust Hub on Jun 17, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes dynamic context injection (
!) in the 'Project Context' section to execute local shell commands such aspwd,git branch,git remote, andls. These commands are used solely to provide environment context to the agent and do not incorporate unvalidated user input. - [COMMAND_EXECUTION]: The instructions direct the AI agent to use shell-based tools (e.g.,
git log,find,exiftool) to perform the repository audit. These are legitimate uses of the agent's capabilities for the stated purpose of a security review. - [DATA_EXFILTRATION]: The skill contains an extensive list of sensitive patterns and file paths (e.g., AWS keys, Stripe tokens,
.envfiles, SSH keys) for the agent to search for. This behavior is the primary intended function of the security audit and there is no evidence of instructions to transmit discovered data to external or third-party services. - [PROMPT_INJECTION]: The skill uses authoritative language (e.g., 'You MUST follow ALL phases completely') and task-specific triggers. These are functional instructions to ensure a thorough audit and do not attempt to bypass the AI agent's core safety filters or extract system prompts.
Audit Metadata