sweep
Pass
Audited by Gen Agent Trust Hub on Apr 30, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill exhibits no malicious behavior, obfuscation, or unauthorized data access. Its design emphasizes safety, transparency, and user control.
- [COMMAND_EXECUTION]: The skill uses established static analysis tools (e.g., knip, vulture, staticcheck) via subprocess execution to analyze the codebase. These tools are used solely for scanning and finding candidates for cleanup.
- [INDIRECT_PROMPT_INJECTION]: The skill processes project files which could contain malicious instructions. This risk is effectively mitigated by the skill's requirement for quantitative evidence, confidence scoring, and explicit human approval before any action is taken.
- [EXTERNAL_DOWNLOADS]: The skill references reputable open-source tools like Uber's Piranha for feature flag cleanup, which is a standard practice in software maintenance.
Audit Metadata