security-ownership-map

Pass

Audited by Gen Agent Trust Hub on May 17, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The scripts build_ownership_map.py and community_maintainers.py use subprocess.Popen to execute git commands. These invocations use the list-style format (e.g., ['git', '-C', repo, ... ]) without enabling the shell, which safely handles the repository path and prevents command injection.
  • [EXTERNAL_DOWNLOADS]: The skill requires the networkx library for graph processing and community detection. networkx is a standard, reputable Python package for this purpose.
  • [REMOTE_CODE_EXECUTION]: The script run_ownership_map.py executes a child process using sys.executable to run the primary analysis script. This is a secure method for chaining script executions within a local environment.
  • [DATA_EXFILTRATION]: No network requests or data transmission patterns were identified. All analysis outputs (CSV and JSON) are written to a user-specified local directory.
Audit Metadata
Risk Level: SAFE
Analyzed: May 17, 2026, 03:02 PM