security-specialist
Pass
Audited by Gen Agent Trust Hub on Jun 29, 2026
Risk Level: SAFE
Findings: COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill uses subprocess.run in scripts/pentest.py and scripts/rank_files.py to execute external security tools including nmap, git, subfinder, and gobuster. These executions are performed safely using list-based arguments to prevent shell injection and are central to the skill's primary function as a security auditing tool.
- [EXTERNAL_DOWNLOADS]: The _subdomain_enum function in scripts/pentest.py performs network requests to crt.sh, a well-known certificate transparency log search service, to discover subdomains of a target. This is standard reconnaissance practice.
- [SAFE]: The skill implements strong security best practices, such as an authorization gate for active probing of non-local targets, SHA-256 integrity hashing for reports, and strict schema validation for its structured output. All high-risk operations (file access and network scanning) are scoped to the user-provided target codebase and infrastructure.
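The three controls the findings above credit the skill with (list-based subprocess arguments, an authorization gate for non-local targets, and a SHA-256 digest over schema-validated output) fit together in a small pattern. The block below is an added illustration written for this page; it is not code from the audited skill or from Gen Agent Trust Hub, and the function names, the report schema, and the `runner` hook are assumptions. It also shows the caveat the findings do not spell out: a list argv stops shell injection, but a target such as `-iL /etc/passwd` would still be parsed by nmap as an option, so the target itself has to be validated before it becomes an argv element. The `runner` parameter defaults to `subprocess.run`; the `__main__` section passes a constructed stand-in so nmap is never actually executed.

```python
import hashlib
import hmac
import ipaddress
import json
import re
import subprocess

# Loopback names are "local"; anything else is an external target and needs
# an explicit authorization flag before active probing.
LOCAL_NAMES = {"localhost"}

# Hostnames: letters, digits, dots and hyphens, never a leading '-'. A list
# argv prevents shell injection but not option injection, so this check is
# what keeps "-iL /etc/passwd" from reaching nmap as a flag.
HOSTNAME_RE = re.compile(r"^[A-Za-z0-9][A-Za-z0-9.\-]{0,252}$")


def is_local_target(target: str) -> bool:
    """True for loopback hosts (localhost, 127.0.0.0/8, ::1)."""
    if target in LOCAL_NAMES:
        return True
    try:
        return ipaddress.ip_address(target).is_loopback
    except ValueError:
        return False


def validate_target(target: str) -> str:
    """Accept an IP literal or a plain hostname; reject everything else."""
    try:
        ipaddress.ip_address(target)
        return target
    except ValueError:
        pass
    if not HOSTNAME_RE.match(target):
        raise ValueError(f"invalid target: {target!r}")
    return target


def build_scan_argv(target: str, ports: str = "1-1024") -> list:
    """argv for an nmap TCP connect scan, built as a list, never a shell string."""
    if not re.fullmatch(r"[0-9,\-]+", ports):
        raise ValueError(f"invalid port spec: {ports!r}")
    return ["nmap", "-sT", "-p", ports, validate_target(target)]


def run_probe(target: str, authorized: bool = False, runner=subprocess.run) -> dict:
    """Authorization gate followed by a list-based subprocess call.

    `runner` (assumed hook) defaults to subprocess.run; callers may pass a
    stand-in so that nothing is scanned during tests.
    """
    if not is_local_target(target) and not authorized:
        raise PermissionError(
            f"active probing of non-local target {target!r} requires authorization"
        )
    argv = build_scan_argv(target)
    proc = runner(argv, capture_output=True, text=True, check=False, timeout=600)
    return {"tool": "nmap", "target": target, "argv": argv,
            "returncode": proc.returncode, "output": proc.stdout}


# Assumed report schema: exactly these keys, each of the given type.
REPORT_SCHEMA = {"tool": str, "target": str, "argv": list, "returncode": int, "output": str}


def validate_report(report: dict) -> None:
    """Strict schema check: no missing keys, no extra keys, correct types."""
    if set(report) != set(REPORT_SCHEMA):
        raise ValueError(f"unexpected keys: {sorted(set(report) ^ set(REPORT_SCHEMA))}")
    for key, typ in REPORT_SCHEMA.items():
        if not isinstance(report[key], typ):
            raise TypeError(f"{key} must be {typ.__name__}")


def _canonical(report: dict) -> bytes:
    # Sorted keys and fixed separators so the digest is stable across runs.
    return json.dumps(report, sort_keys=True, separators=(",", ":")).encode()


def seal_report(report: dict) -> dict:
    """Validate, then attach a SHA-256 over the canonical JSON encoding."""
    validate_report(report)
    return {"report": report, "sha256": hashlib.sha256(_canonical(report)).hexdigest()}


def verify_report(sealed: dict) -> bool:
    """Recompute the digest and compare in constant time; False if tampered."""
    expected = hashlib.sha256(_canonical(sealed["report"])).hexdigest()
    return hmac.compare_digest(expected, sealed.get("sha256", ""))


if __name__ == "__main__":
    def fake_run(argv, **kwargs):
        # Constructed stand-in for subprocess.run: nmap is never executed.
        return subprocess.CompletedProcess(argv, 0, stdout="22/tcp open ssh\n", stderr="")

    sealed = seal_report(run_probe("127.0.0.1", runner=fake_run))
    print(json.dumps(sealed, indent=2))
    try:
        run_probe("example.com")
    except PermissionError as exc:
        print("blocked:", exc)
```

The gate decides on the target before any argv is built, so an unauthorized non-local scan fails closed without touching the validator or the runner; the validator then rejects anything that is neither an IP literal nor a plain hostname, which covers shell metacharacters and leading-dash option smuggling alike.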
Audit Metadata