ast-grep
Pass
Audited by Gen Agent Trust Hub on Mar 28, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill provides instructions for running
ast-grepCLI commands. These commands are standard for the tool's functionality and do not involve suspicious parameters or privilege escalation. - [PROMPT_INJECTION]: No evidence of instructions intended to bypass safety filters, override agent behavior, or extract system prompts was found.
- [DATA_EXFILTRATION]: There are no patterns involving network requests to external domains or access to sensitive local files (e.g., credentials, SSH keys).
- [REMOTE_CODE_EXECUTION]: The skill does not facilitate downloading or executing scripts from remote sources. It focuses entirely on local structural code analysis.
- [CREDENTIALS_UNSAFE]: No hardcoded API keys, tokens, or passwords were found in the instructions or reference materials.
Audit Metadata