dependency-vuln-triager

Pass

Audited by Gen Agent Trust Hub on May 11, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The implementation in triage.py is written using only the Python standard library. It does not require or install any third-party dependencies, eliminating supply chain risks.
  • [SAFE]: The script performs local file operations only. It reads scanner JSON data and writes Markdown/JSON reports to paths specified via command-line arguments. No unauthorized file access or exfiltration patterns were detected.
  • [SAFE]: There are no network-capable operations (no curl, wget, or requests) in the skill's code.
  • [SAFE]: The skill instructions and code are consistent with their stated purpose. No obfuscation, persistence mechanisms, or privilege escalation attempts were found.
  • [SAFE]: No use of dynamic execution functions like eval() or exec() is present. JSON data is parsed using the standard json module, which is safe for this application.
Audit Metadata
Risk Level: SAFE
Analyzed: May 11, 2026, 04:06 PM