security-review
Pass
Audited by Gen Agent Trust Hub on May 12, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns, external downloads, or exfiltration attempts were detected. The skill's primary purpose is to provide a framework for manual or agent-assisted security audits.
- [PROMPT_INJECTION]: As a security analysis tool, the skill naturally ingests untrusted code and user input, which constitutes an indirect prompt injection surface. However, the risk is minimized by the skill's core principles requiring evidence-based findings and code verification. 1. Ingestion points: Recent code diffs, named subsystems, and user-provided concerns. 2. Boundary markers: Absent. 3. Capability inventory: Read-only access to the codebase via file exploration. 4. Sanitization: Absent.
Audit Metadata