wrdn-code-execution
Pass
Audited by Gen Agent Trust Hub on Jun 18, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is entirely instructional, consisting of Markdown files that provide a framework for bug hunting. It does not include any executable scripts (.py, .js, .sh).
- [SAFE]: Static detector warnings for 'eval' or 'exec' are false positives. These terms appear in the documentation only as code examples to illustrate vulnerable patterns the agent should look for in target codebases.
- [SAFE]: No hardcoded credentials, sensitive file path access, or data exfiltration behaviors were detected.
- [SAFE]: The skill does not download external code or packages. All references are local documentation files.
- [SAFE]: The permission to use 'Bash' in the YAML frontmatter is consistent with the skill's stated purpose of using grep and terminal utilities for code analysis.
Audit Metadata