bugs-are-annoying

Pass

Audited by Gen Agent Trust Hub on Jun 24, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill performs legitimate static analysis on a codebase. It limits its operations to reading project files and writing reports to a local markdown file (bugs.md). It does not use any network-based tools or access sensitive system configuration files.
  • [SAFE]: The skill has an inherent attack surface for indirect prompt injection because it ingests untrusted code during its audit phases (Ingestion: codebase files; Boundaries: absent; Capabilities: file writing, fix application; Sanitization: absent). However, the risk is mitigated by the skill's rigid operational structure and the requirement for explicit human confirmation before any code changes are applied in Fix Mode.
  • [SAFE]: The skill facilitates code modification through its 'Fix Mode'. While this involves the agent editing files, it is restricted to applying suggested fixes previously documented in the audit report and requires an intentional, direct command from the user.
Audit Metadata
Risk Level: SAFE
Analyzed: Jun 24, 2026, 05:18 PM