security-review

Pass

Audited by Gen Agent Trust Hub on Jun 14, 2026

Risk Level: SAFE
Full Analysis
  • [PROMPT_INJECTION]: The skill is designed to process untrusted codebase data, which presents an inherent surface for indirect prompt injection. Adversarial code or comments within a scanned project could attempt to influence the agent's findings or suppress security reports.
  • Ingestion points: Processes all source files and configuration files in the target project path.
  • Boundary markers: Relies on the agent's natural language processing; no explicit delimiters are defined to separate code from instructions within scanned files.
  • Capability inventory: The skill generates analysis and proposes patches; it does not contain tools for code execution, system modification, or network exfiltration.
  • Sanitization: Includes a mandatory 'Step 6 — Self-Verification Pass' in which the agent is instructed to re-examine each finding against the original code, discard false positives, and confirm that every reported issue is actually exploitable.
  • [EXTERNAL_DOWNLOADS]: The reference files (e.g., references/vulnerable-packages.md) point to authoritative and well-known security resources, such as the RustSec Advisory Database and official Go vulnerability registries. These references are used legitimately to audit project dependencies.
  • [REMOTE_CODE_EXECUTION]: Several reference files contain snippets of dangerous code patterns (e.g., eval(), exec(), and os.system()). These are provided strictly as educational examples and detection patterns to help the agent identify vulnerabilities in user code and do not constitute executable components of the skill itself.
Audit Metadata
Risk Level: SAFE
Analyzed: Jun 14, 2026, 04:53 PM
Security Audit — agent-trust-hub — security-review