sast-configuration
Pass
Audited by Gen Agent Trust Hub on Apr 21, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [SAFE]: No malicious patterns, obfuscation, or unauthorized data access detected. The skill instructions and commands are entirely consistent with its stated purpose of configuring security testing tools.
- [EXTERNAL_DOWNLOADS]: The skill facilitates the installation of legitimate security software through official channels, including pip (semgrep), Docker Hub (sonarqube), and GitHub (gh-codeql extension). These downloads are necessary for the tool's functionality and are sourced from reputable entities.
- [COMMAND_EXECUTION]: Includes example shell commands for initializing tool environments and executing security scans. These commands are standard boilerplate for the tools described (Semgrep, SonarQube, CodeQL) and do not pose a risk of arbitrary code execution or privilege escalation.
Audit Metadata