source-command-tech-audit-codebase
Pass
Audited by Gen Agent Trust Hub on Jun 16, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill executes standard shell utilities including
grep,find,pnpm, andrtk(a development CLI) to analyze the local codebase. These operations are limited to read-only searching and standard build tool invocations (linting, type checking) which are consistent with the skill's stated purpose of performing a technical audit. - [CREDENTIALS_UNSAFE]: The skill contains regex patterns designed to identify hardcoded secrets such as GitHub Personal Access Tokens (
ghp_), Jawgmap keys, and Geoapify keys. This is a security-enhancing feature for detecting accidentally committed credentials and does not involve the exfiltration of found data.
Audit Metadata