cs-audit
Pass
Audited by Gen Agent Trust Hub on May 6, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill implements a professional auditing workflow for software quality and security. It focuses on finding issues like SQL injection and performance bottlenecks through static analysis.
- [COMMAND_EXECUTION]: The skill leverages local file system capabilities such as Glob and Grep to analyze code. These activities are appropriate for its code-scanning purpose and do not involve executing untrusted code or escalating privileges.
- [DATA_EXFILTRATION]: No network access or data exfiltration mechanisms were identified. Analysis results are stored locally in the project directory in a standardized format.
- [PROMPT_INJECTION]: There are no instructions designed to bypass safety protocols or manipulate the agent's behavior. The skill defines strict rules for evidence-based reporting and requires explicit confirmation of the audit scope.
- [SAFE]: The skill ingests untrusted source code from the repository, creating a surface for indirect prompt injection. However, the risk is mitigated by the fact that the skill only performs static analysis and documentation without executing the content or having any network-bound capabilities.
Audit Metadata