Skills
skills/santosomar/general-secure-coding-agent-skills/patch-advisor/Gen Agent Trust Hub

patch-advisor

Pass

Audited by Gen Agent Trust Hub on Mar 29, 2026

Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [EXTERNAL_DOWNLOADS]: References remediation patterns and security guidelines from the Project CodeGuard repository on GitHub (github.com/cosai-oasis/project-codeguard).
  • [PROMPT_INJECTION]: The skill processes vulnerability findings that may originate from untrusted sources, creating a surface for indirect prompt injection.
  • Ingestion points: Vulnerability data (CWE and language) from external findings provided to the agent.
  • Boundary markers: No delimiters or instructions are used to isolate untrusted finding data.
  • Capability inventory: The skill does not employ dangerous capabilities such as shell execution, file system modifications, or network requests.
  • Sanitization: There is no evidence of input validation or sanitization for the provided vulnerability data.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 29, 2026, 09:20 PM
Security Audit — agent-trust-hub — patch-advisor