Skills
skills/mgiovani/cc-arsenal/forge-security/Gen Agent Trust Hub

forge-security

Pass

Audited by Gen Agent Trust Hub on Mar 26, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes security analysis tools including npm audit, pip-audit, safety, and bandit through the Bash tool. These operations are limited to specific security auditing commands and are consistent with the skill's stated purpose.
  • [PROMPT_INJECTION]: The skill includes instructions to the agent to enforce security gates and follow specific audit methodologies. These instructions (e.g., 'Anti-Hallucination Guidelines') are designed to improve the accuracy and reliability of the security report rather than bypassing agent safety protocols.
  • [DATA_EXFILTRATION]: No patterns of unauthorized data transmission were found. The skill includes a WebSearch capability, which is standard for researching security vulnerabilities (CVEs) during an audit.
  • [CREDENTIALS_UNSAFE]: No hardcoded secrets are present. The skill provides Grep patterns for the agent to use when searching for potential credential leaks in the target codebase.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 26, 2026, 08:42 PM