ts-reuse-review
Pass
Audited by Gen Agent Trust Hub on Apr 25, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns or security vulnerabilities were detected in this skill. The skill's primary function is to perform static analysis on source code to suggest improvements and library reuse.
- [COMMAND_EXECUTION]: The skill executes local shell scripts (
detect-libs.sh,run-patterns.sh,scan-internal-utils.sh) and standard developer tools (ast-grep,rg). These executions are scoped to the project directory and are used for code scanning purposes only. The scripts do not accept arbitrary user input that could lead to command injection. - [DATA_EXPOSURE]: The skill reads project metadata (
package.json) and source code files to provide its analysis. This behavior is expected and necessary for its documented purpose. It does not access sensitive system files or credentials. - [DYNAMIC_EXECUTION]:
scripts/scan-internal-utils.shuses a Python snippet to process JSON data from ripgrep. This execution is static, local, and involves no untrusted external inputs. - [PROMPT_INJECTION]: The skill's instructions focus on technical workflow and reporting. No attempts to bypass safety filters or override agent behavior were found.
Audit Metadata