security-specialist

Pass

Audited by Gen Agent Trust Hub on Jun 29, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses subprocess.run in scripts/pentest.py and scripts/rank_files.py to execute external security tools including nmap, git, subfinder, and gobuster. These executions are performed safely using list-based arguments to prevent shell injection and are central to the skill's primary function as a security auditing tool.
  • [EXTERNAL_DOWNLOADS]: The _subdomain_enum function in scripts/pentest.py performs network requests to crt.sh, a well-known service for certificate transparency logs, to discover subdomains of a target. This is a standard reconnaissance practice.
  • [SAFE]: The skill implements strong security best practices, such as an authorization gate for active probing of non-local targets, integrity hashing for reports via SHA-256, and strict schema validation for its structured output. All high-risk operations (file access and network scanning) are scoped to the user-provided target codebase and infrastructure.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 29, 2026, 12:01 AM
Security Audit — agent-trust-hub — security-specialist