skills/oldwinter/skills/ast-grep/Gen Agent Trust Hub

ast-grep

Pass

Audited by Gen Agent Trust Hub on Jun 23, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [SAFE]: The skill and its references provide documentation for using the ast-grep CLI. No malicious patterns, data exfiltration, or unauthorized remote code execution patterns were detected within the provided files.
  • [PROMPT_INJECTION]: The skill describes a workflow that ingests user data to perform code searches, which is a potential surface for indirect prompt injection.
  • Ingestion points: Natural language queries and code snippets provided by the user (SKILL.md).
  • Boundary markers: No specific delimiters or boundary markers are defined to isolate user-provided input from the generated search commands.
  • Capability inventory: The skill performs subprocess execution of the ast-grep CLI, which accesses the local file system for analysis (SKILL.md).
  • Sanitization: There is no documented validation or sanitization of user-provided search patterns before they are passed to the CLI.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 23, 2026, 12:30 AM
Security Audit — agent-trust-hub — ast-grep